WordPress Plugin Vulnerabilities
Change WordPress Login Logo < 1.1.5 - Authenticated Stored Cross-Site Scripting
Description
The height, and width fields used to update the custom logo was found to be vulnerable to stored XSS, as they did not sanitize user input properly before publishing the changes. It is triggered when a user loads the login page.
Proof of Concept
Set the following payload as Height or Width in the plugin's settings: 100}</style><script>alert(0)</script>
Affects Plugins
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Melbin K Mathew
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2020-08-19 (about 3 years ago)
Added
2020-08-19 (about 3 years ago)
Last Updated
2020-11-28 (about 3 years ago)