Vendor: WordPress File Upload Plugin
By: Faiyaz Ahmad
CVSS: 4.1 (MEDIUM)
Stored Cross-Site Scripting (XSS)
CWE: 79
Product Name: WordPress File Upload Plugin
Affected Version From: 4.23.3
Affected Version To: 4.23.3
Patch Exists: YES
Related CVE: CVE-2023-4811
CPE: a:wordpress:wordpress_file_upload:4.23.3
Platforms Tested: WordPress
2023
WordPress File Upload < 4.23.3 Stored XSS
A Stored Cross-Site Scripting (XSS) vulnerability exists in WordPress File Upload plugin version 4.23.3 and prior. By inserting a malicious shortcode in a post, an attacker can trigger an XSS attack when a file is uploaded, leading to potential script execution in the victim's browser. This vulnerability has been assigned CVE-2023-4811.
Mitigation:
To mitigate this vulnerability, users should update the WordPress File Upload plugin to version 4.23.3 or above. Additionally, it is recommended to sanitize user inputs and avoid executing untrusted code.
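As a check to run alongside the update, the following added example (not code from the plugin or from the advisory author) audits exported post content for File Upload shortcodes whose attribute values carry markup. It assumes the plugin's shortcode tag is `wordpress_file_upload`; the attribute names `attr_a` and `attr_b`, the sample posts and the heuristics are constructed for illustration.

```python
import html
import re

# Assumption: the plugin's shortcode tag is "wordpress_file_upload".
SHORTCODE = re.compile(r"\[wordpress_file_upload\b([^\]]*)\]", re.IGNORECASE)
# Matches name="value", name='value' or name=bare inside the shortcode.
ATTR = re.compile(r"""([\w-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'\]]+))""")
# Heuristic (assumption): tags, quote breakouts, event handlers and
# javascript: URLs have no place in a shortcode attribute value.
SUSPICIOUS = re.compile(r"[<>\"]|\bon[a-z]+\s*=|javascript\s*:", re.IGNORECASE)

# Constructed sample rows: (post ID, post_content). Attribute names are hypothetical.
SAMPLE_POSTS = [
    (101, 'Upload here: [wordpress_file_upload attr_a="Choose a file" attr_b=1]'),
    (102, '[wordpress_file_upload attr_a="x&quot; onmouseover=&quot;alert(1)"]'),
    (103, "[wordpress_file_upload attr_a='<script>alert(1)</script>']"),
    (104, "No shortcode in this post, only <b>markup</b>."),
]


def audit_posts(posts):
    """Return (post_id, attribute, raw_value) for every flagged attribute."""
    findings = []
    for post_id, content in posts:
        for shortcode in SHORTCODE.finditer(content):
            for attr in ATTR.finditer(shortcode.group(1)):
                name = attr.group(1)
                raw = next(g for g in attr.groups()[1:] if g is not None)
                # Decode entities first so &quot; and &lt; cannot hide a breakout.
                if SUSPICIOUS.search(html.unescape(raw)):
                    findings.append((post_id, name, raw))
    return findings


if __name__ == "__main__":
    for post_id, name, raw in audit_posts(SAMPLE_POSTS):
        print(f"post {post_id}: attribute {name!r} needs review: {raw!r}")
```

Flagged posts are candidates for manual review; a clean result does not replace updating the plugin.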