WordPress Plugin Payments Plugin | GetPaid 2.4.6 - HTML Injection

vendor:

WordPress Payments Plugin | GetPaid

by:

Niraj Mahajan

8,8

CVSS

HIGH

HTML Injection

CWE

Product Name: WordPress Payments Plugin | GetPaid

Affected Version From: 2.4.6

Affected Version To: 2.4.6

Patch Exists: Yes

Related CWE: N/A

CPE: a:invoicing:wordpress_payments_plugin:2.4.6

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2021

WordPress Plugin Payments Plugin | GetPaid 2.4.6 – HTML Injection

The vulnerability exists in the WordPress Payments Plugin | GetPaid version 2.4.6, which allows an attacker to inject malicious HTML code into the 'Help Text' field of the Payment Form page. By exploiting this vulnerability, an attacker can inject malicious HTML code into the database and execute it successfully, resulting in the display of an image on the right hand side.

Mitigation:

The user should update the WordPress Payments Plugin | GetPaid to the latest version to mitigate this vulnerability.

Source

Exploit-DB raw data:

# Exploit Title: WordPress Plugin Payments Plugin | GetPaid 2.4.6 - HTML Injection
# Date: 29/08/2021
# Exploit Author: Niraj Mahajan
# Software Link: https://wordpress.org/plugins/invoicing/
# Version: 2.4.6
# Tested on Windows

*Steps to Reproduce:*
1. Install Wordpress 5.8
2. Install and Activate "WordPress Payments Plugin | GetPaid" Version 2.4.6
3. Navigate to GetPaid > Payment Forms
4. Click on "Add New" in the Payment Form page
5. Add a title and Click on Billing Email
6. You can see the "Help Text" field on the left hand side.
7. Add the below HTML code into the "Help Text" Field.
<img src="
https://www.pandasecurity.com/en/mediacenter/src/uploads/2019/07/pandasecurity-How-do-hackers-pick-their-targets.jpg"
height="200px" width="200px">
8. You will observe that the HTML code has successfully got stored into the database and executed successfully and we are getting an Image at the right hand side.