CVE-2023-0099
Published 2023-02-13
Priority: P3 35 · Severity: medium · CVSS 3.1 base score: 6.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploit: public (see references) · EPSS: 1.73% (74.7th percentile)
The Simple URLs WordPress plugin before 115 does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| getlasso | simple_urls | < 115 | 115 |
Detection & IOCs (extracted from sources)
- The reflected XSS payload is triggered via unsanitised parameters echoed back in page output; monitor HTTP responses from Simple URLs plugin pages for unescaped user-supplied input reflected in the body, particularly the `search_term` parameter.
- Attacks are likely targeted at high-privilege users (e.g., admin): the reflected payload only matters if an admin opens the crafted link, so look for suspicious requests to Simple URLs plugin pages delivered to admin-level sessions.
- No Sigma rule is indexed for this CVE. The digest 4b0a004830460221008d1325b4bc2e95c13fd20a942410e19469c088b14f254097c9363981fecc3640022100fcea4021a4fc5c733db9a42c93d612de7b40dad1160623463aed52cc7f0168b2 (key namespace 922c64590222798bb761d5b6d8e72950) is the signature line of the Nuclei template shown below; use it to verify template integrity.
- The vulnerability affects Simple URLs WordPress plugin versions before 115 only; ensure version scoping is applied when deploying detections to avoid false positives on patched installations.
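The two detection ideas above (check whether a canary placed in the suspect parameter comes back unescaped, and only alert when the installed plugin build is below 115) as an added, offline example. This code is not from the advisory, WPScan or the Simple URLs plugin; the parameter name `search_term` is taken from the page, while the probe path, the canary string and the sample response bodies are constructed here and are assumptions.

```python
"""Reflection + version-gate check for a reflected XSS detection.

Added example, not code from the advisory or the plugin. The sample
responses below are constructed for illustration.
"""
import html
import re
import urllib.parse

# Harmless but unambiguous marker: if it comes back byte-for-byte, the
# page is echoing attacker input into HTML without escaping it.
CANARY = '"><xss-canary-0099>'


def build_probe(base_url: str, param: str = "search_term", canary: str = CANARY) -> str:
    """Probe URL with the canary URL-encoded into the suspect parameter.

    base_url is an assumption (any plugin page that echoes the parameter).
    """
    return f"{base_url}?{urllib.parse.urlencode({param: canary})}"


def reflection_state(body: str, canary: str = CANARY) -> str:
    """Classify how a response body echoes the canary.

    'reflected-raw'     : canary present verbatim -> exploitable reflection
    'reflected-escaped' : only the HTML-escaped form is present -> fixed
    'not-reflected'     : parameter is not echoed at all
    """
    if canary in body:
        return "reflected-raw"
    if html.escape(canary, quote=True) in body:
        return "reflected-escaped"
    return "not-reflected"


def plugin_version_affected(version: str, fixed: int = 115) -> bool:
    """Simple URLs uses integer build numbers; anything below the fix is affected.

    A dotted suffix (e.g. '114.1') is tolerated by comparing the leading integer.
    """
    m = re.fullmatch(r"\s*(\d+)(?:\.\d+)*\s*", version)
    return m is not None and int(m.group(1)) < fixed


def should_alert(body: str, installed_version: str) -> bool:
    """Fire only for a raw reflection on an unpatched build (version scoping)."""
    return plugin_version_affected(installed_version) and reflection_state(body) == "reflected-raw"


# Constructed sample responses: what an unpatched and a patched page might return.
VULNERABLE_BODY = '<input type="text" name="search_term" value="' + CANARY + '">'
PATCHED_BODY = (
    '<input type="text" name="search_term" value="'
    + html.escape(CANARY, quote=True)
    + '">'
)

if __name__ == "__main__":
    print(build_probe("https://example.test/wp-admin/edit.php"))
    for label, body in (("unpatched", VULNERABLE_BODY), ("patched", PATCHED_BODY)):
        print(label, reflection_state(body), "alert:", should_alert(body, "114"))
```

The classifier deliberately distinguishes an escaped echo from a raw one: a patched plugin still reflects the parameter, so "parameter appears in body" alone (the shape of the Nuclei matcher below) is not enough on its own and needs the raw-canary or payload-string check as well.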
No detection rules found.
Nuclei
Template: Simple URLs < 115 - Cross Site Scripting (CVE-2023-0099, severity MEDIUM, CVSS 6.1)

Only the tail of the template is indexed on this page; the id, info and request sections are truncated:

```yaml
# ... (template head truncated on the page)
          Simple URLs ")'
          - 'contains(body_2, "search_term")'
        condition: and
# digest: 4b0a004830460221008d1325b4bc2e95c13fd20a942410e19469c088b14f254097c9363981fecc3640022100fcea4021a4fc5c733db9a42c93d612de7b40dad1160623463aed52cc7f0168b2:922c64590222798bb761d5b6d8e72950
```
No writeups or analysis indexed.
References
- http://packetstormsecurity.com/files/176983/WordPress-Simple-URLs-Cross-Site-Scripting.html
- https://wpscan.com/vulnerability/fd50f2d6-e420-4220-b485-73f33227e8f8