Shiny Buttons <= 1.1.0 - Unauthenticated Stored Cross-Site Scripting
CVE-2021-24792

6.1MEDIUM

Key Information:

Vendor: Wordpress
Status: Shiny Buttons – Css3 Button Generator For WordPress
Vendor: CVE Published:; 13 December 2021

Summary

The Shiny Buttons WordPress plugin through 1.1.0 does not have any authorisation and CSRF in place when saving a template (wpbtn_save_template function hooked to the init action), nor sanitise and escape them before outputting them in the admin dashboard, which allow unauthenticated users to add a malicious template and lead to Stored Cross-Site Scripting issues.

Affected Version(s)

Shiny Buttons – CSS3 Button Generator for WordPress 1.1.0

References

https://wpscan.com/vulnerability/29514d8e-9d1c-4fb6-b378-...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 13, 2021
Vulnerability Reserved
Jan 14, 2021

Credit

Vishal Mohan