EU Cookie Law < 3.1.3 - Authenticated Stored Cross-Site Scripting (XSS)



Description
By exploiting the documented vulnerability, an authenticated attacker with high privileges (administrator) can execute JavaScript code in a victim's browser. By default, in WordPress, administrator users are allowed to inject JavaScript as they have the unfiltered_html capability. The affected form also had Cross-Site Request Forgery (CSRF) protections in place, further lowering the risk of the issue.

The vendor released a fix in version 3.1 but it was not sufficient as it could be easily bypassed.

Due to the mitigating factors, this issue is extremely low risk.

Affects Plugin

fixed in version 3.1.3

References

CVE 2019-16522
URL https://wordpress.org/support/topic/security-waring-by-shield-security/
URL https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-01_WordPress_Plugin_EU_Cookie_Law
URL https://plugins.trac.wordpress.org/changeset/2176080
URL https://plugins.trac.wordpress.org/changeset/2329416/eu-cookie-law

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Tobias Fink (SBA Research)
Views 5179
Verified No
WPVDB ID 9918

Timeline

Publicly Published 2019-10-16 (9 months ago)
Added 2019-10-16 (9 months ago)
Last Updated 2020-06-24 (9 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin