wordpress-social-login

vulnerability cross site scripting (xss) stored
severity 6.4
language php
registry other

✍️ Description

Stored XSS, firing on almost every admin page input. Also for the Login page.

🕵️‍♂️ Proof of Concept

1) Install the Plugin from https://github.com/miled/wordpress-social-login
2) Go to settings Page Widget Tab
3) Insert "><script>alert(123)</script>
4) Hit save. XSS will fire
5) Go to yourwordpress.com/wp-admin and see XSS fired also here

POC Video:
https://d.pr/v/8GqACk

💥 Impact

Cookie Stealing - A malicious user can steal cookies and use them to gain access to the application. Arbitrary requests - An attacker can use XSS to send requests that appear to be from the victim to the web server. Malware download - XSS can prompt the user to download malware. Since the prompt looks like a legitimate request from the site, the user may be more likely to trust the request and actually install the malware. Defacement - attacker can deface the website usig javascript code.