Lucene search
Dmitrii IgnatyevWPEX-ID:AE8E225A-5273-4DB1-9C72-060304CCA658HistoryMar 25, 2024 - 12:00 a.m.
WP User Profile Avatar <= 1.0.1 - Contributor+ Stored XSS
2024-03-2500:00:00
Dmitrii Ignatyev
39
wordpress
user profile
avatar
xss
stored
contributor+
security
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Enter the following shortcode in a post, and hover the resulting HTML.
[user_profile_avatar size='" onmouseover="alert(/XSS/)"']References
Related
wpvulndb
wpvulndb
WP User Profile Avatar <= 1.0.1 - Contributor+ Stored XSS
2024-03-25 00:00:00
vulnrichment
vulnrichment
CVE-2023-6067 WP User Profile Avatar <= 1.0.1 - Contributor+ Stored XSS
2024-04-15 05:00:01
nvd
nvd
CVE-2023-6067
2024-04-15 05:15:13
cvelist
cvelist
CVE-2023-6067 WP User Profile Avatar <= 1.0.1 - Contributor+ Stored XSS
2024-04-15 05:00:01
cve
cve
CVE-2023-6067
2024-04-15 05:15:13
wordfence
wordfence
AI Score
8.3
Confidence
High
EPSS
0
Percentile
9.0%
Related for WPEX-ID:AE8E225A-5273-4DB1-9C72-060304CCA658