WP Postratings < 1.86.1 - Admin+ Stored Cross-Site Scripting
CVE-2021-25117

4.8MEDIUM

Key Information:

Vendor: Wordpress
Status: WP-postratings
Vendor: CVE Published:; 16 January 2024

Badges

👾 Exploit Exists🟡 Public PoC

Summary

The WP-PostRatings plugin for WordPress versions prior to 1.86.1 contains a vulnerability that arises from a lack of proper sanitization for the postratings_image parameter within its options page. This issue permits potential malicious exploitation, especially when the unfiltered_html capability is enabled for non-admin users or if they are able to manipulate data before it reaches the intended endpoints. Although access to the affected dashboard is limited to administrators and includes basic CSRF protections, the failure to sanitize this parameter can lead to serious ramifications if exploited. Site owners using this plugin should update to the latest version to mitigate any potential risks associated with this input validation flaw.

Affected Version(s)

WP-PostRatings 0 < 1.86.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2021-25117 - Proof of Concept

References

https://wpscan.com/vulnerability/d2d9a789-edae-4ae1-92af-...

exploitvdb-entrytechnical-description

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

🟡
Public PoC available
Jan 16, 2024
👾
Exploit known to exist
Jan 16, 2024
Vulnerability published
Jan 16, 2024
Vulnerability Reserved
Jan 14, 2021

Credit

Park Won Seok

WPScan