WebP Express <= 0.14.4 - Authenticated Stored XSS



Description
Edit - WPScanTeam: The reported issue has been fixed in 0.14.5. Other sanitisation checks have been implemented in newest versions (such as 0.14.6 and 0.14.8) while the plugin was closed, so the fixed in is set to 0.14.8
Proof of Concept
Video POC : https://drive.google.com/file/d/1TtiTruCEGGg3U7LDC10gacvNfbGku6Gi/view?usp=sharing

Affects Plugin

fixed in version 0.14.8

References

CVE 2019-15837
URL https://plugins.trac.wordpress.org/changeset?reponame=&new=2109698%40webp-express&old=2108592%40webp-express

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher M0ns7er
Submitter Akash Labade
Submitter Website https://www.asfaleia.tech
Submitter Twitter akash_labade
Views 2993
Verified Yes
WPVDB ID 9389

Timeline

Publicly Published 2019-06-26 (3 months ago)
Added 2019-06-26 (3 months ago)
Last Updated 2019-08-30 (23 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin