A Stored XSS (Cross-Site-Scripting) vulnerability was discovered in the WordPress Plugin – Testimonial Slider and Showcase affecting version 2.2.6. At present, there is no patch. With over 20,000+ Active installations, Users of this plugin are advised to disable and delete it with immediate effect until a patch is released. Security researchers, Saitamang , Yunaranyancat , Syad submitted the following PoC to OffensiveSecurity.
# Exploit Title: WordPress Plugin Testimonial Slider and Showcase 2.2.6 - Stored Cross-Site Scripting (XSS)
# Date: 05/08/2022
# Exploit Author: saitamang , yunaranyancat , syad
# Vendor Homepage: https://wordpress.org
# Software Link: https://wordpress.org/plugins/testimonial-slider-and-showcase/
# Version: 2.2.6
# Tested on: Centos 7 apache2 + MySQL
WordPress Plugin "Testimonial Slider and Showcase" is prone to a cross-site scripting (XSS) vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. WordPress Plugin "Testimonial Slider and Showcase" version 2.2.6 is vulnerable; prior versions may also be affected.
Login as Editor > Add testimonial > Under Title inject payload below ; parameter (post_title parameter) > Save Draft > Preview the post
payload --> test"/><img/src=""/onerror=alert(document.cookie)>
The draft post can be viewed using the Editor account or Admin account and XSS will be triggered once clicked.
Suggest an edit to this article
Go to Cybersecurity Knowledge Base
Got to the Latest Cybersecurity News
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.
Remember, CyberSecurity Starts With You!
This post was last modified on 3 September 2022 1:03 AM
British high street chain WH Smith has recently revealed that it was hit by a…
As banks worldwide roll out Voice ID as a means of user authentication over the…
In the era of digital transformation, cybersecurity has become a major concern for businesses. When…
In today's digital age, cybersecurity threats have become a significant concern for businesses of all…
The RIG Exploit Kit is currently in the midst of its most productive phase, attempting…
One of the most transformational technologies of our time, artificial intelligence (AI), has quickly come…
Leave a Comment