Awesome Support <= 5.8.0 - Stored XSS via Ticket Title



Description
The lack of sanitisation in the post_title of a ticket could allow users with the Support Supervisor capability to create tickets containing XSS payloads.

The risk is relatively low, as CSRF checks are in place and the affected role is close to an admin one. Using the DISALLOW_UNFILTERED_HTML
 constant does not mitigate the attack.

January 10th, 2020 - WP Plugins Team Notified

References

CVE 2019-20181
URL https://medium.com/@Pablo0xSantiago/cve-2019-20181-awesome-support-wordpress-helpdesk-support-plugin-5-8-0-84a0c022cf53

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher 0xPablito
Views 8321
Verified Yes
WPVDB ID 10017

Timeline

Publicly Published 2020-01-06 (6 months ago)
Added 2020-01-10 (6 months ago)
Last Updated 2020-01-11 (6 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin