Fruitful Theme < 3.8.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)



Description
The Fruitful WordPress theme, version 3.8 and possibly below, was affected by an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability.

The vulnerability was patched in version 3.8.1 of the theme, although the changelog file only mentions:

"Bug fix: Fixed issues on comment form"

Proof of Concept
Add a Cross-Site Scripting (XSS) payload to the 'Name' field of the comment section and submit the form.

This will result in the following HTTP POST body:

comment=This+is+a+test+comment.&author=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E%3C%22&email=&url=&submit=Post+Comment&comment_post_ID=1&comment_parent=0
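
As an added example (not code from the advisory or from the Fruitful theme, whose patched source is not shown here), the following Python decodes the captured POST body above, contrasts reflecting the author value into an attribute verbatim with attribute-escaping it (the counterpart of WordPress's esc_attr()), and flags comment submissions that carry markup in fields that should only ever be plain text. The rendering templates and the detection rule are assumptions for illustration.

```python
"""Decode the PoC body, show unescaped vs. escaped reflection, flag markup."""
import html
import re
from urllib.parse import parse_qs

# The POST body quoted in the Proof of Concept section (constructed here as a string).
POC_BODY = ("comment=This+is+a+test+comment."
            "&author=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E%3C%22"
            "&email=&url=&submit=Post+Comment&comment_post_ID=1&comment_parent=0")

# Comment-form fields that should only ever be reflected as plain text (assumption).
TEXT_FIELDS = ("author", "email", "url", "comment")
# Tag openers or inline event-handler attributes; a simple illustrative rule.
MARKUP = re.compile(r"<[a-zA-Z!/]|\bon\w+\s*=", re.IGNORECASE)


def decode_body(body: str) -> dict:
    """URL-decode an application/x-www-form-urlencoded body into {field: value}."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def render_unescaped(author: str) -> str:
    """Vulnerable pattern: the value is placed into a quoted attribute verbatim,
    so a leading double quote closes the attribute and the rest becomes markup."""
    return f'<input type="text" name="author" value="{author}">'


def render_escaped(author: str) -> str:
    """Fixed pattern: attribute-escape the value (quotes and angle brackets become
    entities), which is what esc_attr() does in WordPress."""
    return f'<input type="text" name="author" value="{html.escape(author, quote=True)}">'


def flag_markup(fields: dict) -> list:
    """Return the names of plain-text fields whose submitted value contains markup."""
    return [f for f in TEXT_FIELDS if f in fields and MARKUP.search(fields[f])]


if __name__ == "__main__":
    fields = decode_body(POC_BODY)
    print("decoded author:", fields["author"])
    print("vulnerable:", render_unescaped(fields["author"]))
    print("fixed:     ", render_escaped(fields["author"]))
    print("flagged:   ", flag_markup(fields))
```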

Affects Theme

Fruitful, fixed in version 3.8.1

References

ExploitDB 48083
PacketStorm 156390
URL https://github.com/Fruitfulcode/Fruitful/issues/58

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Ultra Security Team (Ashkan Moghaddas, AmirMohammad Safari)
Verified Yes
WPVDB ID 10085

Timeline

Publicly Published 2020-02-17
Added 2020-02-24
Last Updated 2020-03-13
