Categories: InfoSec News Vulnerabilities

WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS PoC

Published by
RiSec.Mitch

A Stored XSS (Cross-Site-Scripting) vulnerability was discovered in the WordPress Plugin – Testimonial Slider and Showcase affecting version 2.2.6. At present, there is no patch. With over 20,000+ Active installations, Users of this plugin are advised to disable and delete it with immediate effect until a patch is released. Security researchers, Saitamang , Yunaranyancat , Syad submitted the following PoC to OffensiveSecurity.

# Exploit Title: WordPress Plugin Testimonial Slider and Showcase 2.2.6 - Stored Cross-Site Scripting (XSS)
# Date: 05/08/2022
# Exploit Author: saitamang , yunaranyancat , syad
# Vendor Homepage: https://wordpress.org
# Software Link: https://wordpress.org/plugins/testimonial-slider-and-showcase/
# Version: 2.2.6
# Tested on: Centos 7 apache2 + MySQL

WordPress Plugin "Testimonial Slider and Showcase" is prone to a cross-site scripting (XSS) vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. WordPress Plugin "Testimonial Slider and Showcase" version 2.2.6 is vulnerable; prior versions may also be affected.

Login as Editor > Add testimonial > Under Title inject payload below ; parameter (post_title parameter) > Save Draft > Preview the post

payload --> test"/><img/src=""/onerror=alert(document.cookie)>

The draft post can be viewed using the Editor account or Admin account and XSS will be triggered once clicked.

Suggest an edit to this article

Go to Cybersecurity Knowledge Base

Got to the Latest Cybersecurity News

Go to Cybersecurity Academy

Go to Homepage

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.

Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.
Bookmark
Please login to bookmark Close
Social Comments Box
Share the word, let's increase Cybersecurity Awareness as we know it

This post was last modified on 3 September 2022 1:03 AM

RiSec.Mitch

Just your average information security researcher from Delaware US.

Leave a Comment
Published by
RiSec.Mitch
Tags: cybersecurity cybersecurity news infosecurity xss

Recent Posts

  • Data Breach News
  • InfoSec News

WH Smith Announces Cyber-Attack: Employee Data Stolen

British high street chain WH Smith has recently revealed that it was hit by a…

2 years ago
  • InfoSec News
  • World Affairs

Voice ID: How Secure is it Really?

As banks worldwide roll out Voice ID as a means of user authentication over the…

2 years ago
  • Cybersecurity Academy
  • InfoSec News

What distinguishes Application Security from API Security?

In the era of digital transformation, cybersecurity has become a major concern for businesses. When…

2 years ago
  • Cybersecurity Academy
  • InfoSec News

The Top 5 Cybersecurity threats facing Businesses Today

In today's digital age, cybersecurity threats have become a significant concern for businesses of all…

2 years ago
  • InfoSec News
  • World Affairs

Enterprise users infected by RIG Exploit Kit thanks to Internet Explorer

The RIG Exploit Kit is currently in the midst of its most productive phase, attempting…

2 years ago
  • Cybersecurity Academy

The Rise and Rise of AI

One of the most transformational technologies of our time, artificial intelligence (AI), has quickly come…

2 years ago