WordPress Plugin Vulnerabilities
Contact Form & Lead Form Elementor Builder < 1.7.0 - Multiple Admin+ Stored Cross-Site Scripting
Description
The plugin does not escape some of its form fields before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Proof of Concept
Create/Edit a form and put the following payload in a Filed Name or Default Value; "style=animation-name:rotation onanimationstart=alert(/XSS/)// yo="
Affects Plugins
References
CVE
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Yoru Oni
Submitter
Yoru Oni
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-01-05 (about 2 years ago)
Added
2022-02-01 (about 2 years ago)
Last Updated
2022-04-13 (about 2 years ago)