wpexploit | Th3.d1p4k | WPEX-ID:DB0B9480-2FF4-423C-A745-68E983FFA12B
History: Nov 29, 2021 - 12:00 a.m.

Buttonizer - Smart Floating Action Button < 2.5.5 - Admin+ Stored Cross-Site Scripting

2021-11-29 00:00:00
th3.d1p4k
88
buttonizer
cross-site scripting
admin+
exploit
security vulnerability

EPSS

0.001

Percentile

24.8%

The plugin does not sanitise and escape some parameters before outputting them in attributes and in the page, which could allow high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Add/edit a new button, set its Button action to "Website URL" and add the following payload as URL: javascript:alert(/XSS/)

As label, the following payload can be used as well: <img src onerror=alert(/XSS-Label/)>

Publish it and the XSS will be triggered when viewing the page with the button (without user interaction for the XSS in the label field, and on clicking the button for the XSS in the URL).
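
A defensive counterpart to the two payloads above, as an added example that is not part of the original advisory or the plugin's code: the URL is accepted only if its parsed scheme is on an allowlist, and the label is HTML-escaped before it reaches the page. The function names, the allowlist and the `site.example` base URL are assumptions made for illustration.

```javascript
// Added example: hypothetical helpers, not Buttonizer's code.
const ALLOWED_PROTOCOLS = new Set(["http:", "https:", "mailto:", "tel:"]);
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Escape text for HTML element content or a quoted attribute value.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Return a normalised URL if its scheme is allowlisted, otherwise null.
// The WHATWG URL parser lowercases the scheme and strips tabs, newlines and
// leading control characters, so obfuscated spellings of "javascript:"
// resolve to their real scheme before the allowlist check.
function safeButtonUrl(raw, siteBase) {
  let parsed;
  try {
    parsed = new URL(String(raw), siteBase); // relative URLs resolve against the site
  } catch {
    return null; // unparseable input is rejected
  }
  return ALLOWED_PROTOCOLS.has(parsed.protocol) ? parsed.href : null;
}

// Build the button markup from stored settings; rejected URLs fall back to "#".
function renderButton(settings, siteBase) {
  const href = safeButtonUrl(settings.url, siteBase) ?? "#";
  return `<a class="btn" href="${escapeHtml(href)}">${escapeHtml(settings.label)}</a>`;
}

// Constructed sample input: the two payloads from the steps above.
const SITE = "https://site.example/";
const stored = { url: "javascript:alert(/XSS/)", label: "<img src onerror=alert(/XSS-Label/)>" };
console.log(renderButton(stored, SITE));
console.log(renderButton({ url: "/contact", label: "Contact us" }, SITE));
```

Applying the same checks when the settings are saved as well as when they are rendered means values stored before the fix are also neutralised on output.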
