XSS Vulnerability Detected in Form Created by User List Widget
Our vulnerability scanner (Netsparker Cloud) is reporting a cross-site scripting vulnerability in the form “userlist” created by User List widget.
Site name scrubbed from below (changed to site.gov)
Version of your plugin is current: 2.2.2
Variable passed to form that creates XSS error.
'"--></style></scRipt><scRipt>netsparker(0x003BC6)</scRipt>
Request and response

Request

GET /users/login/?'"--></style></scRipt><scRipt>netsparker(0x003BC6)</scRipt> HTTP/1.1
Cache-Control: no-cache
Referer: https://site.gov/users/
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.170 Safari/537.36
Accept-Language: en-us,en;q=0.5
X-Scanner: Netsparker Cloud
Host: site.gov
Cookie: wordpress_test_cookie=WP+Cookie+check
Accept-Encoding: gzip, deflate

Response

… en" name="wppb_login" value="true"/><input type="hidden" name="wppb_form_location" value="page"/><input type="hidden" name="wppb_request_url" value="https://site.gov:443/users/login/?\'\"--></style></scRipt><scRipt>netsparker(0x003BC6)</scRipt>"/><input type="hidden" name="wppb_lostpassword_url" value=""/> </form></div></div><div class="content-box red"><strong>Forget or need to reset your password?</strong> <div class="wppb_holder" id= …

… rs_widget-2" class="widget users"><div class="widget-wrap"><h2 class="widgettitle">Current List of Site Members</h2> <div class="wrap"><!-- form wrap --> <form id="userlist" action="/users/login/?\'\"--></style></scRipt><scRipt>netsparker(0x003BC6)</scRipt>" method="post"> <input type="hidden" name="action" value="save" /> <input type="hidden" id="amr-meta" name="amr-meta" value="1cfec20499" /><input type="hidden" name="_wp_http_referer" value="/users/l
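The response above shows the weakness clearly: the request URI is reflected into the `action` attribute of the `userlist` form with only the quotes backslash-escaped (`\'\"`), while `<` and `>` are left intact, so `</scRipt><scRipt>` still terminates the attribute and opens a new tag. The following is an added illustration, not the plugin's own code, of the vulnerable pattern beside a hardened one, using plain PHP so it runs stand-alone; the function names are hypothetical, the sample URI is constructed from the scanner probe in the report, and the WordPress-specific note refers to the real `esc_url()` helper.

```php
<?php
// Added example (not from the plugin): reflecting the raw request URI into a
// form's action attribute versus escaping it for the HTML attribute context.
declare(strict_types=1);

// Constructed input: the path and query string from the scanner request above.
const SAMPLE_URI = '/users/login/?\'"--></style></scRipt><scRipt>netsparker(0x003BC6)</scRipt>';

// Vulnerable pattern: the URI is concatenated straight into the attribute.
// Backslash-escaping quotes (as the response shows) does not help here,
// because the browser tokenizes on the angle brackets, not on backslashes.
function renderFormVulnerable(string $requestUri): string
{
    return '<form id="userlist" action="' . $requestUri . '" method="post">';
}

// Hardened: encode for the attribute context. In plain PHP that is
// htmlspecialchars() with ENT_QUOTES; inside WordPress the idiomatic call for a
// URL attribute is esc_url(), which also rejects unsafe schemes.
function renderFormHardened(string $requestUri): string
{
    $safe = htmlspecialchars($requestUri, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<form id="userlist" action="' . $safe . '" method="post">';
}

// Detection-style check a tester can apply to rendered output: a literal
// "<script" anywhere in markup built from user input means the input broke
// out of its attribute.
function containsInjectedScript(string $html): bool
{
    return (bool) preg_match('/<script/i', $html);
}

echo "Vulnerable: " . renderFormVulnerable(SAMPLE_URI) . "\n";
echo "  injected script present: " . var_export(containsInjectedScript(renderFormVulnerable(SAMPLE_URI)), true) . "\n";
echo "Hardened:   " . renderFormHardened(SAMPLE_URI) . "\n";
echo "  injected script present: " . var_export(containsInjectedScript(renderFormHardened(SAMPLE_URI)), true) . "\n";
```

Run with the PHP CLI; the vulnerable rendering reports `true` and the hardened one `false`, since every `<` in the probe becomes `&lt;`. The more robust design, and the one to ask a plugin author for, is to not echo the request URI at all: post to a fixed route (for example the page's permalink obtained server-side) so that there is nothing attacker-controlled to escape in the first place.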