CVE-2022-3631 The OAuth plugin through 1.1.0 doesn't sanitize and escape some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks.

CVE-2022-3631 The OAuth plugin through 1.1.0 doesn't sanitize and escape some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks.

The high-privilege user could create a malicious link that would be parsed and executed by the web server if the unfiltered_html setting is disabled. This Cross-Site Scripting vulnerability in the plugin could be exploited by an attacker to execute arbitrary script code in the browser of the user who has access to the WordPress site where the plugin is installed. In most cases, the access to the WordPress site will be either with the root login or with a high-privilege user account.

To discover if your site is vulnerable, you can enter the following command in your server’s command prompt: https://www.google.com/search?q=site:wordpress plugin=example . If you get a message that looks like the following, it means that a Cross-Site Scripting vulnerability exists in the plugin: If you are unsure about the exact version of the plugin installed on your site, you can also use the following command: https://www.google.com/search?q=site:wordpress plugin=example version .
This vulnerability was reported to the plugin developer DigitialPixies WordPress plugin team through their support channel and the DigitialPixies team has since released version 1.1.1 of their plugin. You can upgrade to the latest version of the plugin through the Plugins menu in WordPress admin area.

How to check if your site is vulnerable?

If your WordPress site is running on a version of the plugin that is vulnerable to this vulnerability, you can enter the following command into your server’s command prompt and see if you get a message similar to the following: If you are unsure about the exact version of the plugin installed on your site, you can also use the following command: https://www.google.com/search?q=site:wordpress plugin=example version .
This vulnerability was reported to the plugin developer DigitialPixies WordPress plugin team through their support channel and the DigitialPixies team has since released version 1.1.1 of their plugin. You can upgrade to the latest version of the plugin through the Plugins menu in WordPress admin area.

Description of the Cross-Site Scripting Vulnerability

In the DigitialPixies WordPress plugin, there is a Cross-Site Scripting vulnerability that would allow an attacker to execute arbitrary script code in the browser of the user who has access to the WordPress site where the plugin is installed. This vulnerability exists because there is no validation of input passed through comments and text widgets on certain pages.
An attacker could create a malicious link that would be parsed and executed by the web server if the unfiltered_html setting is disabled (which is enabled by default). This Cross-Site Scripting vulnerability in the plugin could be exploited by an attacker to execute arbitrary script code in the browser of the user who has access to the WordPress site where this plugin is installed. In most cases, this will be either with a root login or with a high-privilege user account.

What is Cross-Site Scripting?

Cross-Site Scripting occurs when an attacker trick a user into clicking on a malicious link. This can be done in various ways including injecting code into the browser or displaying it in an external site. Cross-Site Scripting vulnerabilities can lead to the following:

Injecting arbitrary scripts into webpages
Executing code in the context of the website
Modifying data and resources on the website

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe