The Responsive WordPress Slider WordPress plugin through 2.2.0 does not sanitise and escape some of the Slider options, allowing Cross-Site Scripting payloads to be set in them. Furthermore, as by default any authenticated user is allowed to create Sliders (https://wordpress.org/support/topic/slider-can-be-changed-from-any-user-even-subscriber/, such settings can be changed in the plugin's settings), this would allow user with a role as low as subscriber to perform Cross-Site Scripting attacks against logged in admins viewing the slider list and could lead to privilege escalation by creating a rogue admin account for example.
References
| Link | Resource |
|---|---|
| https://wpscan.com/vulnerability/4a2dddfc-6ce2-4edd-aaaa-4c130a9356d0 | Exploit Third Party Advisory |
Configurations
History
28 Oct 2021, 14:39
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 5.4 |
| References | (MISC) https://wpscan.com/vulnerability/4a2dddfc-6ce2-4edd-aaaa-4c130a9356d0 - Exploit, Third Party Advisory | |
| CPE | cpe:2.3:a:motopress:motopress-slider-lite:*:*:*:*:*:wordpress:*:* |
25 Oct 2021, 15:34
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-10-25 14:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-24544
Mitre link : CVE-2021-24544
CVE.ORG link : CVE-2021-24544
JSON object : View
Products Affected
motopress
- motopress-slider-lite
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')