Vulnerability Details: Reflected Cross-Site Scripting (XSS) in Zephyr Project Manager
Wordfence made a vague claim of a reflected cross-site scripting (XSS) vulnerability in the WordPress plugin Zephyr Project Manager:
…
Last week a new version of the WordPress plugin Photo Gallery was released with a couple of changelog entries indicating that vulnerabilities might have been fixed. As at least one of our customers uses the plugin, we looked over the changes and found that in places they appeared to duplicate security checks that already existed, which was confusing.
…
Today Packet Storm published a report claiming there is a persistent cross-site scripting (XSS) vulnerability in the plugin IP2Location Country Blocker. The report makes this claim:
An authenticated user is able to inject arbitrary JavaScript or HTML code to the “Frontend Settings” interface available in the settings page of the plugin (Country Blocker), due to incorrect sanitization of user-supplied data, and achieve a Stored Cross-Site Scripting attack against the administrators or the other authenticated users. The plugin versions prior to 2.26.7 are affected by this vulnerability.
A couple of frequent issues we see with the WordPress security company Wordfence are that they belatedly tell people to update individual plugins instead of simply telling people to keep plugins up to date at all times (which they admit would lessen the need for what they are selling), and that they fail to warn people that plugins still contain easy-to-spot vulnerabilities. Both of those apply to the plugin WP HTML Mail.
Yesterday, they told people to update the plugin because of a cross-site scripting (XSS) vulnerability that had already been fixed. But while reviewing that, we found the plugin still contains an easy-to-spot XSS vulnerability, and the same code allows anyone logged in to WordPress to send unlimited emails to arbitrary email addresses from the website.
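The two weaknesses described in the IP2Location Country Blocker report and the WP HTML Mail excerpt above (settings or request values rendered without sanitizing and escaping, and admin-only functionality reachable by any logged-in user) follow a common WordPress pattern. The following is an added illustration of that pattern, not code from either plugin or from this site: a hypothetical plugin (all names such as `demo_send_test_mail` and `demo_footer_text` are invented) shown in its vulnerable form and then hardened with a nonce check, a capability check, sanitization on save and escaping on output.

```php
<?php
// Added illustration, not code from any plugin discussed on this page.
// Hypothetical plugin "demo-mailer" (all identifiers invented) showing:
// (1) an AJAX handler usable by any logged-in user because it checks neither
//     a capability nor a nonce, and (2) settings/request values echoed without
//     escaping, giving stored and reflected XSS against administrators.

// ---------- Vulnerable pattern ----------

// wp_ajax_* hooks fire for every authenticated user, whatever their role.
add_action( 'wp_ajax_demo_send_test_mail', 'demo_send_test_mail_vulnerable' );
function demo_send_test_mail_vulnerable() {
    // No current_user_can() and no nonce: a subscriber can mail anyone, repeatedly.
    $to      = $_POST['to'];
    $subject = $_POST['subject'];
    $body    = $_POST['body'];
    wp_mail( $to, $subject, $body );
    // Reflected XSS: the raw request value is echoed into the response.
    echo 'Sent to ' . $to;
    wp_die();
}

// Stored XSS: the option is saved unsanitized and rendered unescaped.
function demo_render_settings_vulnerable() {
    $footer = get_option( 'demo_footer_text', '' );
    echo '<div class="notice">' . $footer . '</div>';
}

// ---------- Hardened pattern ----------

add_action( 'wp_ajax_demo_send_test_mail_safe', 'demo_send_test_mail_safe' );
function demo_send_test_mail_safe() {
    // Verify intent (CSRF) and authorisation before doing anything privileged.
    check_ajax_referer( 'demo_send_test_mail', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    $to = sanitize_email( wp_unslash( $_POST['to'] ?? '' ) );
    if ( ! is_email( $to ) ) {
        wp_send_json_error( 'invalid recipient', 400 );
    }
    $subject = sanitize_text_field( wp_unslash( $_POST['subject'] ?? '' ) );
    $body    = wp_kses_post( wp_unslash( $_POST['body'] ?? '' ) );
    wp_mail( $to, $subject, $body );
    // Escape on output; wp_send_json_* also keeps the value out of an HTML context.
    wp_send_json_success( 'Sent to ' . esc_html( $to ) );
}

// Sanitize on save via register_setting, escape on output.
add_action( 'admin_init', function () {
    register_setting( 'demo_options', 'demo_footer_text', array(
        'type'              => 'string',
        'sanitize_callback' => 'sanitize_text_field',
        'default'           => '',
    ) );
} );
function demo_render_settings_safe() {
    $footer = get_option( 'demo_footer_text', '' );
    echo '<div class="notice">' . esc_html( $footer ) . '</div>';
}
```

The check a reviewer would make on any plugin handler of this shape is whether `current_user_can()` and a nonce check both appear before the privileged action, and whether every value that reaches `echo` passes through an `esc_*` function for the context it lands in; a sanitize step on save alone does not protect output that is later rendered into a different context.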
Recently the WPScan Vulnerability Database added an entry claiming that a reflected cross-site scripting (XSS) vulnerability had been fixed in the WordPress plugin Download Monitor, though they also stated the claim was unverified, and they provided no way for their customers to do the verification they had failed to do.
…
A reflected cross-site scripting (XSS) vulnerability in the WordPress plugin Magic Post Voice, whose discovery is credited to p7e4, is described by Wordfence this way:
…
A reflected cross-site scripting (XSS) vulnerability in the WordPress plugin WooCommerce myghpay Payment Gateway, whose discovery is credited to p7e4, is described by Wordfence this way:
…
A reflected cross-site scripting (XSS) vulnerability in the WordPress plugin Parsian Bank Gateway for Woocommerce, whose discovery is credited to p7e4, is described by Wordfence this way:
…