CVE-2023-30868
published 2023-05-18CVE-2023-30868: Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jon Christopher CMS Tree Page View plugin <= 1.6.7 versions.
PriorityP339medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EXPLOIT
EPSS
4.00%
89.2th percentile
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Jon Christopher CMS Tree Page View plugin <= 1.6.7 versions.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cms_tree_page_view_project | cms_tree_page_view | <= 1.6.7 | — |
| jon_christopher | cms_tree_page_view | n/a – 1.6.7 | — |
Detection & IOCsextracted from sources · hover to see the quote
url/wp-admin/edit.php?page=cms-tpv-page-post&post_type=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E↗
- →Detect exploitation attempts by monitoring HTTP requests to /wp-admin/edit.php with the 'page=cms-tpv-page-post' parameter combined with script injection payloads in the 'post_type' parameter. ↗
- →Alert on HTTP responses containing both the URL-encoded XSS payload '%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' and the string 'CMS Tree Page View' in the body, with a 200 status code — indicating successful reflection. ↗
- →The vulnerability is triggered via the 'post_type' parameter in the CMS Tree Page View admin page; monitor for unescaped script tags or angle brackets in this parameter. ↗
- →Exploitation requires a prior authenticated POST to /wp-login.php; correlate login events followed immediately by the malicious GET request to /wp-admin/edit.php?page=cms-tpv-page-post. ↗
- ·The XSS is reflected (not stored); exploitation requires the victim administrator to click a crafted link. The attack surface is limited to authenticated users with administrator privileges or higher. ↗
- ·The CMS Tree Page View plugin setting 'Select where to show a tree for pages and custom post types' must be enabled for posts for the vulnerable endpoint to be reachable. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)
exploitdb·2023-06-06·CVSS 7.1
CVE-2023-30868 [HIGH] Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)
Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)
---
# Exploit Title: Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)
# Google Dork: inurl:/wp-content/plugins/cms-tree-page-view/
# Date: 2023-04-24
# Exploit Author: LEE SE HYOUNG (hackintoanetwork)
# Vendor Homepage: https://wordpress.org/plugins/cms-tree-page-view/
# Software Link: https://downloads.wordpress.org/plugin/cms-tree-page-view.1.6.6.zip
# Category: Web Application
# Version: 1.6.7
# Tested on: Debian / WordPress 6.1.1
# CVE : CVE-2023-30868
# Reference: https://patchstack.com/database/vulnerability/cms-tree-page-view/wordpress-cms-tree-page-view-plugin-1-6-7-cross-site-scripting-xss-vulnerability?_s_id=cve
# 1. Technical Description:
The CMS Tree Page View plugin for WordPress has a Reflected Cross-Site Scr
Nuclei
Tree Page View Plugin < 1.6.7 - Cross-Site Scripting
nuclei·CVSS 6.1
CVE-2023-30868 [MEDIUM] Tree Page View Plugin < 1.6.7 - Cross-Site Scripting
Tree Page View Plugin < 1.6.7 - Cross-Site Scripting
The CMS Tree Page View plugin for WordPress has a Reflected Cross-Site Scripting vulnerability up to version 1.6.7. This is due to the post_type parameter not properly escaping user input. As a result, users with administrator privileges or higher can inject JavaScript code that will execute whenever accessed.
Template:
id: CVE-2023-30868
info:
name: Tree Page View Plugin < 1.6.7 - Cross-Site Scripting
author: r3Y3r53
severity: medium
description: |
The CMS Tree Page View plugin for WordPress has a Reflected Cross-Site Scripting vulnerability up to version 1.6.7. This is due to the post_type parameter not properly escaping user input. As a result, users with administrator privileges or higher can inject JavaScript code that will exec
http://packetstormsecurity.com/files/172730/WordPress-Tree-Page-View-1.6.7-Cross-Site-Scripting.htmlhttps://patchstack.com/database/vulnerability/cms-tree-page-view/wordpress-cms-tree-page-view-plugin-1-6-7-cross-site-scripting-xss-vulnerability?_s_id=cvehttp://packetstormsecurity.com/files/172730/WordPress-Tree-Page-View-1.6.7-Cross-Site-Scripting.htmlhttps://patchstack.com/database/vulnerability/cms-tree-page-view/wordpress-cms-tree-page-view-plugin-1-6-7-cross-site-scripting-xss-vulnerability?_s_id=cve
2023-05-18
Published