WordPress Plugin Vulnerabilities

Responsive Cookie Consent <= 1.7 - Authenticated Stored Cross-Site Scripting (XSS)

Description

A persistent cross-site scripting vulnerability has been found in the web interface of the plugin that allows the execution of arbitrary HTML/script code to be executed in the victim's browser when they visit the web site.

Tested on version 1.5, 1.6 and 1.7 (older versions may also be affected)

Proof of Concept

1) Access WordPress control panel.
2) Navigate to the Responsive Cookie Consent plugin page.
3) Select one of the input fields. For example, "Cookie Bar Border Bottom Size".
4) Insert the script you wish to inject.
5) Save the plugin settings.
6) Injected script will run in the victim user's browser. Depending on which input field you inserted the script, the script may also run everytime you load the Responsive Cookie Consent plugin page.

Affects Plugins

Plugin icon
responsive-cookie-consent
Fixed in 1.8

References

CVE
CVE-2018-10309
URL
https://plugins.trac.wordpress.org/changeset/1823917/responsive-cookie-consent

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
5.4 (medium)

Miscellaneous

Submitter
B0UG
Verified
No
WPVDB ID
104b1d9e-2d99-4a6f-98ee-b7d64ece8208

Timeline

Publicly Published
2018-04-24 (about 6 years ago)
Added
2018-04-26 (about 6 years ago)
Last Updated
2020-09-22 (about 3 years ago)

Other

Published
Title
Published
2024-05-17
Title
Piotnet Addons For Elementor < 2.4.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
Published
2022-12-14
Title
Permalink Manager Lite < 2.3.0 - Authenticated Stored XSS
Published
2021-12-20
Title
Event Calendar < 1.1.51 - Reflected Cross-Site Scripting
Published
2021-11-30
Title
LiteSpeed Cache < 4.4.4 - Admin+ Reflected Cross-Site Scripting
Published
2024-01-03
Title
Easy SVG Allow <= 1.0 - Author+ Stored XSS via SVG