Cross-Site Scripting vulnerability in WP e-Commerce plugin for WordPress

vendor:

WP e-Commerce plugin for WordPress

by:

Unknown

5.5

CVSS

MEDIUM

Cross-Site Scripting (XSS)

CWE

Product Name: WP e-Commerce plugin for WordPress

Affected Version From: 3.8.2006

Affected Version To: Unknown

Patch Exists: NO

Related CWE:

CPE: a:wp-ecommerce_project:wp-ecommerce:3.8.6

Metasploit:

Other Scripts:

Platforms Tested:

Unknown

Cross-Site Scripting vulnerability in WP e-Commerce plugin for WordPress

The WP e-Commerce plug-in for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Mitigation:

Apply the latest security patch provided by the vendor. Avoid using untrusted user input without proper sanitization.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/49009/info

The WP e-Commerce plug-in for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

WP e-Commerce 3.8.6 is vulnerable; other versions may also be affected. 

http://www.example.com/wp-content/plugins/wp-e-commerce/wpsc-theme/wpsc-cart_widget.php?cart_messages[]=%3Cimg%20src=1% 20onerror=javascript:alert%28document.cookie%29%3E