wpvulndb · Zhangyunpei · WPVDB-ID:96818024-57AB-419D-BD46-7D2DA98269E6
History: Nov 30, 2022 - 12:00 a.m.

Sliderby10Web < 1.2.53 - Admin+ Stored XSS

2022-11-30 00:00:00 | zhangyunpei | wpscan.com | 8

Tags: sliderby10web, plugin, version 1.2.53, admin, stored xss, settings, high privilege users, unfiltered_html, capability, multisite setup, poc, sliders, edit, slide options, input box, link the slide to, save, refresh page, xss popup, security advisory

EPSS

0.001

Percentile

25.3%

The plugin does not sanitise and escape some of its settings, which could allow high-privilege users such as an admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).
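The defect class described above is a setting that is written into an HTML attribute without being escaped, so a value containing a double quote can close the attribute and add an event handler. The following PHP is an added illustration written for this advisory, not code from the Slider by 10Web plugin: the option name, option group and field markup are hypothetical, while sanitize_text_field(), wp_unslash(), esc_url_raw(), esc_attr() and register_setting() are real WordPress functions. It places the vulnerable output pattern beside the hardened one, which sanitises on save and escapes on output so the fix does not depend on who holds unfiltered_html.

```php
<?php
// Added example for this advisory; not the plugin's own code.
// 'example_slide_link' and 'example_slider_settings' are hypothetical names.

// Vulnerable pattern: the stored setting is concatenated straight into the
// value="" attribute. A stored value such as  1" onmouseenter="alert(/XSS/)" "
// terminates the attribute and injects an event handler on the input element.
function render_slide_link_field_vulnerable( $value ) {
    return '<input type="text" name="slide_link" value="' . $value . '">';
}

// Hardened pattern, step 1: normalise on save. A "link the slide to" setting
// is a URL, so esc_url_raw() strips disallowed schemes (e.g. javascript:)
// before the value reaches the database. sanitize_text_field() removes
// tags and control characters first; wp_unslash() undoes WordPress's
// magic-quotes style slashing of request data.
function sanitize_slide_link_on_save( $raw ) {
    $clean = sanitize_text_field( wp_unslash( (string) $raw ) );
    return esc_url_raw( $clean );
}

// Hardened pattern, step 2: escape on output regardless of what is stored.
// esc_attr() encodes the double quote as &quot;, so even a value that
// was saved before the fix cannot break out of the attribute.
function render_slide_link_field_hardened( $value ) {
    return '<input type="text" name="slide_link" value="' . esc_attr( $value ) . '">';
}

// Attach the sanitiser through register_setting() so that every write path
// (options form, REST, WP-CLI) passes through it, not only one form handler.
add_action( 'admin_init', function () {
    register_setting(
        'example_slider_settings',   // hypothetical option group
        'example_slide_link',        // hypothetical option name
        array( 'sanitize_callback' => 'sanitize_slide_link_on_save' )
    );
} );
```

The capability check is deliberately not the fix: on a single-site install an administrator legitimately holds unfiltered_html, so the only control that holds in both single-site and multisite is the escaping at the output sink, with sanitisation on save as a second layer.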

PoC

1. Go to "Slider » Sliders" and edit one of the Sliders or add a new one.
2. Click "Slide options" and enter the following in the input box named "Link the slide to":
   1" onmouseenter="alert(/XSS/)" "
3. Click Save » refresh the page, and hover the mouse over the input box under "Slide options" to check the XSS popup.
