Lucene search
Nguyen Anh TienWPEX-ID:8F3CCA92-D072-4806-9142-7F1A987F840BHistorySep 06, 2020 - 12:00 a.m.
Constant Contact Forms < 1.8.8 - Multiple Authenticated Stored XSS
2020-09-0600:00:00
Nguyen Anh Tien
271
0.001 Low
EPSS
Percentile
24.8%
Multiple stored cross-site scripting vulnerabilities in Constant Contact Forms for WordPress 1.8.7 and lower allow high-privileged user (Editor+) to inject arbitrary Javascript code or HTML in posts where the malicious form is embed.
High-privileged user (Editor+) can exploit XSS via Add New Form's form parameters:
- Button text
- Field Description
The stored script is executed for all the users visiting the website.
## Proof of Concept
1. Download and install "Constant Contact Forms for WordPress 1.8.7" from https://wordpress.org/plugins/constant-contact-forms/
2. Go into "Contact Form" tab from the sidebar and create a new form by clicking on the "Add New Form" button.
3. Input an XSS vector to "Button text", "Field Description" fields, for example:
" autofocus=true onfocus='alert(document.domain)'>
4. Save the changes and click on "Publish" (Editor role).
5. By visiting posts that have embedded shortcodes (Ex: `[ctct form="XXX"]`), the javaScript code injected would be executed.Related
nvd
nvd
CVE-2021-24134
2021-03-18 15:15:14
cve
cve
CVE-2021-24134
2021-03-18 15:15:14
wpvulndb
wpvulndb
Constant Contact Forms < 1.8.8 - Multiple Authenticated Stored XSS
2020-09-06 00:00:00
prion
prion
Cross site scripting
2021-03-18 15:15:00
cvelist
cvelist