YOP Poll <= 5.7.3 - Reflected Cross-Site Scripting (XSS)
Sign up to our free email alerts service for instant vulnerability notifications!Description | The YOP Poll plugin exposes a number of AJAX requests to the public (see lines 15-40 in th efile yop-poll/inc/admin.php). An XSS vulnerability has been found in at least one of these functions – namely yop_poll_set_wordpress_vote. This function is available to both registered and non-registered users. The fields that are vulnerable are Base64 encoded (see lines 859 to 912 of yop-poll/inc/admin.php), meaning any attacks performed will bypass not only the auto-escaping on quotes performed by WordPress/PHP, but also any XSS-prevention methods implemented by browsers. |
Proof of Concept |
|
Affects Plugin
fixed in version 5.7.4
|
References
URL | https://research.g0blin.co.uk/g0blin-00051/ |
Classification
Type | XSS |
OWASP Top 10 | A3: Cross-Site Scripting (XSS) |
CWE | CWE-79 |
Miscellaneous
Submitter | James Hooker |
Submitter Website | https://research.g0blin.co.uk |
Submitter Twitter | g0blinResearch |
Views | 221 |
Verified | No |
WPVDB ID | 8083 |
Timeline
Publicly Published | 2015-07-08 (almost 3 years ago) |
Added | 2015-07-08 (almost 3 years ago) |
Last Updated | 2015-07-08 (almost 3 years ago) |
Copyright & License
Copyright | All data and resources contained within this page and this web site is Copyright © The WPScan Team. |
License | Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us. |