Custom Community Theme 2.0 - 2.0.24 - Stored XSSSign up to our free email alerts service for instant vulnerability notifications!
An AJAX action named ‘cc2_advanced_settings_save’ is registered both with and without the ‘nopriv’ prefix. This allows anonymous execution of this AJAX action. The ‘settings[custom_css]’ form field accepts user input, without encoding or validation. This input is then output on every page on the front-end of the site, so long as the Theme is active. This allows for a site-wide, Persistent XSS attack.
fixed in version 2.0.25
|OWASP Top 10||A3: Cross-Site Scripting (XSS)|
|Publicly Published||2015-03-09 (over 2 years ago)|
|Added||2015-03-09 (over 2 years ago)|
|Last Updated||2015-05-15 (about 2 years ago)|
Copyright & License
|Copyright||All data and resources contained within this page and this web site is Copyright © The WPScan Team.|
|License||Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.|