Xenon Theme < 1.3 - Unauthenticated Cross-Site Scripting (XSS)



Description
The premium Xenon WordPress theme was found to be vulnerable to unauthenticated Cross-Site Scripting (XSS) in the "q" parameter of the /data/typeahead-generate.php page. Versions 1.3 and below of the theme were affected. The vendor fixed the vulnerability but did not bump the version number, so it is impossible to know which versions have been patched and which have not. This issue will be updated as soon as we are aware that a new version, with the fix, has been released. If this has happened and we have not updated it yet, please contact us and we'll update this issue.
Proof of Concept
1. Go to the path /data/typeahead-generate.php

2. Enter the payload <img src=x onerror=alert(1)> in the q parameter
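
Because the fix shipped without a version bump, web server access logs are one place to look for requests matching the two steps above. The following log check is an added example, not part of the original advisory or the theme's code; the sample log lines, addresses and the /wp-content/themes/xenon prefix are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint named in the advisory; matched as a path suffix because the
# theme's install directory differs between sites.
ENDPOINT = "/data/typeahead-generate.php"
# Heuristic: characters that let a value break out into HTML. Tune as needed.
MARKUP = re.compile(r"[<>\"']|javascript:", re.IGNORECASE)
# Request line of a common/combined-format access log entry.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines (addresses, times and theme path are made up).
URL_PATH = "/wp-content/themes/xenon" + ENDPOINT
SAMPLE_LOG = [
    f'203.0.113.5 - - [26/Mar/2020:10:00:01 +0000] "GET {URL_PATH}?q=lon HTTP/1.1" 200 312',
    f'203.0.113.9 - - [26/Mar/2020:10:02:13 +0000] "GET {URL_PATH}'
    '?q=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 298',
    f'203.0.113.9 - - [26/Mar/2020:10:02:40 +0000] "GET {URL_PATH}'
    '?q=%253Cimg%2520src%253Dx%253E HTTP/1.1" 200 298',
    '198.51.100.7 - - [26/Mar/2020:10:03:02 +0000] "GET /index.php?q=%3Cb%3E HTTP/1.1" 200 1024',
]


def decode_fully(value, rounds=3):
    """Undo nested percent-encoding (e.g. %253C) a bounded number of times."""
    for _ in range(rounds):
        value = unquote(value)
    return value


def suspicious_q(line):
    """Return the decoded q value if the line hits the endpoint with markup."""
    match = REQUEST.search(line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.endswith(ENDPOINT):
        return None
    for raw in parse_qs(url.query, keep_blank_values=True).get("q", []):
        value = decode_fully(raw)
        if MARKUP.search(value):
            return value
    return None


def scan(lines):
    """Return (line_number, decoded_value) for every flagged log line."""
    hits = ((n, suspicious_q(line)) for n, line in enumerate(lines, 1))
    return [(n, value) for n, value in hits if value is not None]
```

Only GET query strings appear in access logs, so a q value sent in a POST body is not visible to this check.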

Affects Theme

no known fix

References

CVE: 2020-14010
URL: https://knassar702.github.io/cve/xenon/

Classification

Type: XSS
OWASP Top 10: A7: Cross-Site Scripting (XSS)
CWE: CWE-79

Miscellaneous

Original Researcher: Khaled Nassar
Verified: No
WPVDB ID: 10269

Timeline

Publicly Published: 2020-03-26 (4 months ago)
Added: 2020-06-15 (24 days ago)
Last Updated: 2020-06-16 (23 days ago)
