This cross-site scripting (XSS) vulnerability lets an attacker inject malicious script code through the page parameter and execute arbitrary script code in the browser of an unsuspecting user.

An attacker may also be able to upload a malicious file to the server via the upload page parameter at /flatpress/admin.php.

After successfully uploading a malicious file to the server, the attacker can send it to the target victim via email or other data sharing channels.
In the following scenario, an attacker uploads a malicious file named coffee.jpg via the upload page parameter at /flatpress/admin.php and sends a link to it to the victim by email. The victim receives the email and clicks on the malicious coffee.jpg link, and Flatpress is exploited through the XSS attack.
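A server-side upload check for the coffee.jpg scenario above, as an added example that is not Flatpress code. It is written in Python and assumes the malicious file carries script markup behind an image extension; the function names, allowlist and sample bytes are constructed for illustration.

```python
import re

# Leading magic bytes and MIME type per allowlisted image extension.
IMAGE_TYPES = {
    ".jpg": ((b"\xff\xd8\xff",), "image/jpeg"),
    ".jpeg": ((b"\xff\xd8\xff",), "image/jpeg"),
    ".png": ((b"\x89PNG\r\n\x1a\n",), "image/png"),
    ".gif": ((b"GIF87a", b"GIF89a"), "image/gif"),
}

# Heuristic: markup a browser could run if it renders the bytes as a document.
ACTIVE_MARKUP = re.compile(rb"<\s*(script|svg|html|iframe)\b|javascript:", re.I)


def check_upload(filename, data):
    """Return the reasons to reject an upload; an empty list means accept."""
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    reasons = []
    if ext not in IMAGE_TYPES:
        reasons.append("extension not on allowlist")
    elif not data.startswith(IMAGE_TYPES[ext][0]):
        reasons.append("content does not match extension")
    if ACTIVE_MARKUP.search(data):
        reasons.append("active markup in content")
    return reasons


def serving_headers(filename):
    """Headers for an accepted upload so the browser will not sniff it as HTML."""
    ext = "." + filename.rsplit(".", 1)[-1].lower()
    return {
        "Content-Type": IMAGE_TYPES[ext][1],
        "X-Content-Type-Options": "nosniff",
    }


# Constructed sample inputs (not taken from the advisory).
REAL_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16
FAKE_JPEG = b"<html><body><script>/* constructed payload */</script></body></html>"

if __name__ == "__main__":
    for name, data in [("photo.jpg", REAL_JPEG), ("coffee.jpg", FAKE_JPEG),
                       ("coffee.jpg", REAL_JPEG + FAKE_JPEG)]:
        print(name, check_upload(name, data) or "accepted")
```

The markup scan is a heuristic; the magic-byte check and the `nosniff` header are what keep a renamed HTML file from being rendered as a document.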

XSS attacks: What you should know

An XSS attack is an attack that takes advantage of cross-site scripting vulnerabilities. It allows attackers to inject malicious script code in the page parameter to execute arbitrary script code in the browser of an unsuspecting user. This vulnerability occurs because the vulnerable application trusts data that is received from a different source, typically an untrusted source or the user.

The following are some of the common ways that XSS attacks can be delivered:

• Email: In this scenario, email agents can compromise your website by injecting malicious script into legitimate HTML emails. These emails can also be intercepted before reaching their intended target and injected with malicious content.
• Web browser: In this scenario, attackers can exploit websites by injecting malicious scripts into legitimate HTML documents served from websites. This includes JavaScript and other client-side technologies such as Flash and VBScript.
• Data sharing channels: In this scenario, attackers can exploit websites by injecting malicious scripts into otherwise normal-looking data retrieved from services such as XMLHttpRequest, JSONP, or FormData.

Flatpress: A WordPress Theme that is vulnerable to XSS

Flatpress is a WordPress theme with a vulnerability (CVE-2022-40047) that allows an attacker to inject malicious script code in the page parameter to execute arbitrary script code in the browser of an unsuspecting user. This same vulnerability exists on any other website that uses this theme.

Timeline

Published on: 10/11/2022 19:15:00 UTC
Last modified on: 10/13/2022 15:37:00 UTC

References