WPEX-ID: 9B3CDA9A-17A7-4173-93A2-D552A874FAE9
Source: wpexploit
Author: Bob Matyas
Published: May 31, 2024

CB (legacy) <= 0.9.4.18 - Admin+ Stored XSS

Tags: stored xss vulnerability, admin interface, legacy version

AI Score: 5.6 Medium (Confidence: High)
EPSS: 0.0004 Low (Percentile: 9.1%)

Description: The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

1. Go to https://example.com/wp-admin/admin.php?page=cb_timeframes_edit
2. Add a "timeframe" and for the field "Timeframe Title" enter the PoC: `"><script>alert(2)</script>
3. Save and see the XSS

Note: The XSS will trigger in other places throughout the admin interface where the timeframe is displayed.
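The sanitise-on-save and escape-on-output pattern that the description says is missing, shown as an added PHP example that is not the plugin's own code. The function names, the `cb_example_timeframes` option key and the `timeframe_title` form field are hypothetical; the WordPress API calls are real.

```php
<?php
// Added example, not code from the CB (legacy) plugin. All function names,
// the 'cb_example_timeframes' option and the 'timeframe_title' field are hypothetical.

// Vulnerable pattern: the raw request value is stored and later echoed unescaped.
// A title such as the advisory's PoC closes the value="" attribute and injects markup,
// and nothing here consults the unfiltered_html capability.
function cb_example_save_timeframe_vulnerable() {
    update_option( 'cb_example_timeframes', array( 'title' => $_POST['timeframe_title'] ) );
}

function cb_example_render_timeframe_vulnerable() {
    $tf = get_option( 'cb_example_timeframes' );
    echo '<input type="text" name="timeframe_title" value="' . $tf['title'] . '">';
}

// Hardened pattern: verify capability and nonce, sanitise on save, escape on output.
function cb_example_save_timeframe() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }
    check_admin_referer( 'cb_example_save_timeframe' );

    // A title has no legitimate need for markup, so strip tags unconditionally;
    // this holds even for users who do have the unfiltered_html capability.
    $title = isset( $_POST['timeframe_title'] )
        ? sanitize_text_field( wp_unslash( $_POST['timeframe_title'] ) )
        : '';
    update_option( 'cb_example_timeframes', array( 'title' => $title ) );
}

function cb_example_render_timeframe() {
    $tf = get_option( 'cb_example_timeframes', array( 'title' => '' ) );

    // Escape for the context the value lands in: esc_attr() inside an attribute,
    // esc_html() inside element content. Escaping at output protects every
    // admin page that displays the title, not only the edit form.
    printf(
        '<input type="text" name="timeframe_title" value="%s">',
        esc_attr( $tf['title'] )
    );
    echo '<h2>' . esc_html( $tf['title'] ) . '</h2>';
}
```

With the hardened pair, the advisory's PoC string is reduced to plain text on save and any remaining quote characters are entity-encoded on output, so no attribute or element boundary can be broken on any admin page that shows the title.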
