Live Chat Unlimited <= 2.8.3 Stored XSS Injection



Description
Info:
Weak security measures like bad input field data filtering has been discovered in the «Live Chat Unlimited».
Proof of Concept
PoC:
Go to the demo website https://screets.com/try/lcx/night-bird/ and open chat window by clicking on «Open/close» link, then click on «Online mode» to go online. Use your payload inside input field and press [Enter].

Provided example payloads working on the admin area, so it's possible to steal admin cookies or force a redirect to any other website.
Example #1: <!--<img src="--><img src=x onerror=(alert)(`m0ze`)//">m0ze
Example #2: <!--<img src="--><img src=x onerror=(alert)(document.cookie)//">m0ze

Affects Plugin

fixed in version 2.8.4

References

EXPLOITDB 47037
URL https://codecanyon.net/item/wordpress-live-chat-plugin/3952877

Classification

Type XSS
OWASP Top 10 A3: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher m0ze
Submitter m0ze
Submitter Twitter m0ze_ru
Views 1104
Verified No
WPVDB ID 9417

Timeline

Publicly Published 2019-06-26 (28 days ago)
Added 2019-07-02 (21 days ago)
Last Updated 2019-07-08 (15 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin