CVE-2021-24320
Published 2021-06-01
Priority: P343 · medium · 6.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EXPLOIT
EPSS: 10.77% (percentile 95.3)
The Bello - Directory & Listing WordPress theme before 1.6.0 did not properly sanitise and escape its listing_list_view, bt_bb_listing_field_my_lat, bt_bb_listing_field_my_lng, bt_bb_listing_field_distance_value, bt_bb_listing_field_my_lat_default, bt_bb_listing_field_keyword, bt_bb_listing_field_location_autocomplete, bt_bb_listing_field_price_range_from and bt_bb_listing_field_price_range_to parameters in its listing page, leading to reflected Cross-Site Scripting issues.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bold-themes | bello | < 1.6.0 | 1.6.0 |
| boldthemes | bello_directory_listing | >= 1.6.0 < 1.6.0 | 1.6.0 |
Detection & IOCs (extracted from sources)
other: alert(document.domain)
- Monitor GET/POST requests to the listing page for unsanitised values in the parameters listing_list_view, bt_bb_listing_field_my_lat, bt_bb_listing_field_my_lng, bt_bb_listing_field_distance_value, bt_bb_listing_field_my_lat_default, bt_bb_listing_field_keyword, bt_bb_listing_field_location_autocomplete, bt_bb_listing_field_price_range_from and bt_bb_listing_field_price_range_to; any of these carrying script/XSS payloads indicates exploitation.
- The Nuclei/scanner probe for this CVE checks for an HTTP 200 response with Content-Type: text/html and the XSS payload reflected in the body; alert on matching response signatures.
- The vulnerability affects Bello - Directory & Listing WordPress theme versions before 1.6.0; flag installations running older versions as at-risk.
- The Nuclei template digest/signature is embedded in the scanner rule and is not itself an IOC; it is used for template integrity verification only.
CVSS provenance
- NVD CVSS v3.1: 6.1 MEDIUM (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
- NVD CVSS v2.0: 4.3 MEDIUM (AV:N/AC:M/Au:N/C:N/I:P/A:N)
No detection rules found.
Nuclei
WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting
nuclei · CVSS 6.1
CVE-2021-24320 [MEDIUM] WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting
Body matcher words (as indexed): "WordPress Bello Directory & Listing Theme", alert(document.domain)

```yaml
# Matcher section of the indexed Nuclei template; the http request block
# is not reproduced on this page.
matchers:
  - type: word
    part: header
    words:
      - text/html
  - type: status
    status:
      - 200
# digest: 4b0a00483046022100d63a79cd8ba6e6b0b403b2b2a7736141ee7b4d0d428eb969bb2aae703021e2e1022100f4b8824fde477621f77b425c9f923750bf4cddf4799e08ac266bc80cab7e7a51:922c64590222798bb761d5b6d8e72950
```
No writeups or analysis indexed.
References
- https://m0ze.ru/vulnerability/%5B2021-03-21%5D-%5BWordPress%5D-%5BCWE-79%5D-Bello-WordPress-Theme-v1.5.9.txt
- https://wpscan.com/vulnerability/6b5b42fd-028a-4405-b027-3266058029bb