WordPress Ad Inserter Cross Site Scripting

WordPress Ad Inserter versions prior to 2.7.12 suffer from a cross site scripting vulnerability.


MD5 | 970c84e2ae4836a6641c5762b3fa5190

Tittle:
WordPress Plugin Ad Inserter < 2.7.12 - Reflected Cross-Site Scripting

References:
CVE-2022-0901

Author:
Taurus Omar

Description:
The plugins do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters

Affects Plugins:
ad-inserter
ad-inserter-pro
Fixed in version 2.7.12

Proof of Concept:
In a browser which does not encode characters:
https://example.com/wp-admin/options-general.php?page=ad-inserter.php&start=2&tab=\"><iframe/onload=alert(1)></iframe>

Classification
Type XSS
OWASP top 10 A7: Cross-Site Scripting (XSS)
CWE-79

wpScan:
https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba

Related Posts