Computer Repair Shop < 2.0 - Authenticated Stored XSS



Description
Computer Repair Shop is vulnerable to stored XSS. When a user has admin capabilities, malicious code can be submitted through the plugin's options. Fixed in version 2.0.
Proof of Concept
The plugin's options provided a basic HTML validation, which could be bypassed by copying + pasting malicious code into the text-field. The last character would be stripped from the code. After posting, malicious code could be executed by the browser. 

Proof of concept video: https://youtu.be/qulQTOqAyL4

Affects Plugin

fixed in version 2.0

References

URL https://jrjmulder.nl/plugins/computer-repair-shop/

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Jeroen Mulder
Submitter Jeroen Mulder
Submitter Website https://jrjmulder.nl
Views 3558
Verified No
WPVDB ID 10020

Timeline

Publicly Published 2020-01-13 (about 2 months ago)
Added 2020-01-13 (about 2 months ago)
Last Updated 2020-01-14 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin