Stored Cross-Site Scripting in WordPress File Sharing Plugin by WordPress
CVE-2023-4636

4.8MEDIUM

Key Information:

Vendor: Wordpress
Status: WordPress File Sharing Plugin
Vendor: CVE Published:; 5 September 2023

Badges

👾 Exploit Exists🟡 Public PoC

Summary

The WordPress File Sharing Plugin is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping in the admin settings. This vulnerability allows authenticated attackers with administrator-level permissions to inject malicious web scripts that execute upon user access to affected pages. It primarily impacts multi-site installations and those where unfiltered_html has been disabled, heightening the risk for site administrators and users.

Affected Version(s)

WordPress File Sharing Plugin * <= 2.0.3

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-4636
Created by ThatNotEasy

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://github.com/xsn1210/vul2/blob/main/xss%5BWordPress...

https://plugins.trac.wordpress.org/changeset/2961909/user...

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

🟡
Public PoC available
Dec 13, 2023
👾
Exploit known to exist
Dec 13, 2023
Vulnerability published
Sep 5, 2023
Vulnerability Reserved
Aug 30, 2023

Credit

Shuning Xu