Advertisement






WordPress TranslatePress 2.0.8 Cross Site Scripting

CVE Category Price Severity
CVE-2021-24610 CWE-79 $500 High
Author Risk Exploitation Type Date
Unknown High Remote 2021-09-28
CPE
cpe:cpe:/a:wordpress:translatepress:2.0.8
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021090137

Below is a copy:

WordPress TranslatePress 2.0.8 Cross Site Scripting
# Exploit Title: WordPress Plugin TranslatePress 2.0.8 - Stored Cross-Site Scripting (XSS) (Authenticated)
# Date: 06-08-2021
# Exploit Author: Nosa Shandy (Apapedulimu)
# Vendor Homepage: https://translatepress.com/
# Software Link: https://wordpress.org/plugins/translatepress-multilingual/ 
# Reference: https://wpscan.com/vulnerability/b87fcc2f-c2eb-4e23-9757-d1c590f26d3f
# Version: 2.0.6 
# Tested on: macOS 11.4
# CVE : CVE-2021-24610

Description:
The plugin does not implement a proper filter on the 'translated' parameter when input to the database. The 'trp_sanitize_string' function only check the "<script></script>" with the preg_replace, the attacker can use the HTML Tag to execute javascript.

Step To Reproduce:
1. Go to http://localhost:8888/wordpress/?trp-edit-translation=true
2. Input Gettext String
3. Input the payload such as <img src=x onerror=alert(4)>
4. Save, The payload will be executed.
5. Look on the homepage will be affected.

Video : https://drive.google.com/file/d/1PnvjHuKCvjmom6xz_sxNLBu3jixCiHy_/view?usp=sharing

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.