WP Remote Site Search < 1.0.5 – Authenticated (Contributor+) Stored Cross-Site Scripting | CVE 2023-51397 | Plugin Vulnerabilities

Description

The WP Remote Site Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on the
'max_results' user supplied attribute. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Affects Plugins

wp-remote-site-search

Fixed in 1.0.5

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/79d4e5a8-028a-488e-b419-77a0981a28a9

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Rafie Muhammad

Verified

No

WPVDB ID

91e1d251-ab37-44bd-9605-db67db1b7f5d

Timeline

Publicly Published

2023-12-26 (about 4 months ago)

Added

2024-01-05 (about 4 months ago)

Last Updated

2024-01-22 (about 3 months ago)

Other

Published

Title

Published

2022-12-28

Title

Meteor Slides < 1.5.7 - Contributor+ Stored XSS

Published

2023-01-16

Title

Restaurant Menu < 2.3.6 - Contributor+ Stored XSS via Shortcode

Published

2023-02-22

Title

Accordions < 2.3.1 - Admin+ Stored XSS

Published

2015-04-25

Title

The7 Premium Theme < 2.1.1 - Cross-Site Scripting (XSS)

Published

2021-07-14

Title

Forminator < 1.14.12 - Unauthenticated Stored XSS