Login/Signup Popup < 1.5 - Authenticated Stored Cross-Site Scripting (XSS)



Description
"A lack of capability checks and security nonce allows any authenticated user to inject, via the AJAX API, JavaScript code into the plugin’s settings and to use it to target the administrator in the backend of WordPress. The vulnerability has been exploited for a couple of days."

Affects Plugin

References

URL https://blog.nintechnet.com/zero-day-vulnerability-fixed-in-wordpress-login-signup-popup-plugin/
URL https://plugins.trac.wordpress.org/changeset/2304979/easy-login-woocommerce

Classification

Type PRIVESC
OWASP Top 10 A2: Broken Authentication and Session Management
CWE CWE-269

Miscellaneous

Original Researcher Jerome Bruandet (NinTechNet)
Views 1533
Verified No
WPVDB ID 10225

Timeline

Publicly Published 2020-05-14 (12 days ago)
Added 2020-05-14 (11 days ago)
Last Updated 2020-05-19 (6 days ago)
