Vendor: Picture Gallery
Author: Aryan Chehreghani
CVSS: 8.3 (HIGH)
CWE: 79 (Stored Cross-Site Scripting (XSS))
Product Name: Picture Gallery
Affected Version From: 1.4.2
Affected Version To: 1.4.2
Patch Exists: NO
Related CWE:
CPE: a:picture_gallery:picture_gallery:1.4.2
Metasploit:
Other Scripts:
Platforms Tested: Windows 10
Year: 2021

WordPress Plugin Picture Gallery 1.4.2 – ‘Edit Content URL’ Stored Cross-Site Scripting (XSS)

The WordPress plugin Picture Gallery 1.4.2 is vulnerable to stored cross-site scripting (XSS). A user who can reach the plugin's options page in the WordPress admin panel can save arbitrary JavaScript into the 'Edit Content URL' field: the value is written to the database unescaped and echoed back into the page whenever that settings tab is opened, so the payload runs in the browser of whoever views it, in the context of the affected site. That lets the attacker read session cookies (the proof of concept below pops document.cookie) or perform actions with the victim's privileges. Note that the injection point sits behind the plugin's options page, so exploitation needs an account that can save those settings, or a way to make such a user submit the form.

Mitigation:

This entry lists no patched version (Patch Exists: NO), so check the plugin's page on wordpress.org for a release newer than 1.4.2 that addresses the issue before relying on an update. Until then, limit which accounts can open Picture Gallery >> Options, since saving those settings is the injection point. The code-level fix is the usual pair: validate the field on save as a URL (esc_url_raw() strips characters that are not valid in a URL, including quotes and angle brackets, and drops disallowed schemes such as javascript:), and escape it on output for the context it is echoed into (esc_attr() inside an attribute value, esc_url() inside an href).

Exploit-DB raw data:

# Exploit Title: WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
# Date: 2021-08-06 
# Exploit Author: Aryan Chehreghani
# Software Link: https://wordpress.org/plugins/picture-gallery/
# Version: 1.4.2
# Tested on: Windows 10

How to Reproduce this Vulnerability:

1. Install WordPress 5.8
2. Install and activate Picture Gallery - Frontend Image Uploads, AJAX Photo List
3. Navigate to admin menu wrap >> Picture Gallery >> Options >> Access Control Tab >> enter the XSS payload into the Edit Content URL input field.
4. Click Save Changes.
5. You will observe that the payload is stored in the database; when you open the same functionality again, the JavaScript payload executes and a pop-up appears.
6. Payload Used: "><script>alert(document.cookie)</script>
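To make the mitigation concrete, here is an added Python example that models the settings-field round trip with the payload from step 6. It is not code from the plugin (whose source is not on this page) and not from the exploit author; the option name pg_edit_content_url is a placeholder. It shows the three things a reviewer would check: the unescaped render lets the leading "> close the value attribute and the input tag, attribute encoding on output keeps the same stored value inert, and a scheme check on save rejects it before it is stored at all. In a WordPress plugin the equivalents are esc_attr() or esc_url() when echoing the option and esc_url_raw() as the sanitize_callback of register_setting().

```python
import html
from urllib.parse import urlparse

# The payload from the Exploit-DB entry above.
PAYLOAD = '"><script>alert(document.cookie)</script>'

# Placeholder option name; the plugin's real option key is not on the page.
OPTION_NAME = "pg_edit_content_url"


def render_field_vulnerable(stored_value: str) -> str:
    """Settings-page rendering that echoes the saved option into an HTML
    attribute unescaped. A double quote in the value closes the attribute
    and '>' closes the tag, so the rest of the payload becomes markup."""
    return f'<input type="text" name="{OPTION_NAME}" value="{stored_value}">'


def render_field_hardened(stored_value: str) -> str:
    """Output encoding for the attribute context: '"', '<', '>' and '&' are
    turned into entities, so the value can never leave the attribute.
    This is what WordPress's esc_attr() does on output."""
    escaped = html.escape(stored_value, quote=True)
    return f'<input type="text" name="{OPTION_NAME}" value="{escaped}">'


def sanitize_url_on_save(submitted: str) -> str:
    """Input validation on save: keep only absolute http(s) URLs, otherwise
    store the empty string. Stricter than esc_url_raw() (which also allows
    schemes such as ftp: and mailto:), but the same idea: reject anything
    that is not a URL before it reaches the database."""
    candidate = submitted.strip()
    parts = urlparse(candidate)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        return ""
    return candidate


def is_breakout(rendered: str) -> bool:
    """Crude check: does the rendered field contain any tag other than the
    input element itself? Counts '<' characters that open a tag."""
    return rendered.count("<") > 1


if __name__ == "__main__":
    for label, renderer in (("vulnerable", render_field_vulnerable),
                            ("hardened", render_field_hardened)):
        out = renderer(PAYLOAD)
        print(f"{label}: {out}")
        print("  script tag reaches the browser:", is_breakout(out))
    print("sanitized payload:", repr(sanitize_url_on_save(PAYLOAD)))
    print("sanitized javascript: URL:", repr(sanitize_url_on_save("javascript:alert(1)")))
    print("sanitized good URL:", sanitize_url_on_save("https://example.com/edit?id=1"))
```

Both layers are needed: output encoding alone still stores the payload, which may be echoed elsewhere without escaping, and validation on save alone does not protect values already in the database.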