CVE-2021-24975: Changeset 2650138 – WordPress Plugin Repository

The NextScripts: Social Networks Auto-Poster WordPress plugin before 4.3.24 does not sanitise and escape logged requests before outputting them in the related admin dashboard, leading to an Unauthenticated Stored Cross-Site Scripting issue
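The defect described above is a missing output-escaping step: log entries that contain request data are written to the admin page as raw HTML. The following is an added example, not code from the plugin or from the changeset below, showing how such a log line can be rendered so that every stored field is escaped for the context it lands in and the inline style values come from a fixed allowlist rather than from stored data. The field names mirror the `$logline` keys visible in the diff (`date`, `act`, `nt`, `uid`, `msg`, `extInfo`); the function names, the style table and the sample entry are assumptions constructed for this example.

```php
<?php
// Added example: safely rendering one stored log entry for an admin page.
// Not the plugin's code; field names follow the $logline keys in the diff,
// everything else (function names, style table, sample data) is constructed.
declare(strict_types=1);

// Escape for an HTML text node or a quoted attribute value.
// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE prevents an empty
// string being returned (and the field silently vanishing) on invalid UTF-8.
function nxs_example_esc_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Inline styles are chosen from an allowlist keyed by the log type, so a
// stored value can never reach the style="..." attribute at all.
function nxs_example_style_for(string $act): string
{
    static $styles = [
        'E' => 'color:#c00000', // error
        'W' => 'color:#d08000', // warning
        'L' => 'color:#000000', // plain log line
    ];
    return $styles[$act] ?? $styles['L'];
}

// Build the HTML for one entry. Every field goes through the same escaper,
// including the ones that look harmless (date, act, nt, uid): if any of them
// is ever written from request data, the output stays inert.
function nxs_example_render_logline(array $logline): string
{
    $e      = 'nxs_example_esc_html';
    $act    = (string) ($logline['act'] ?? 'L');
    $ntInfo = ($logline['nt'] ?? '') !== '' ? ' [' . $e((string) $logline['nt']) . '] ' : '';
    $uu     = ($logline['uid'] ?? '') !== '' ? ' [User ID:' . $e((string) $logline['uid']) . ']' : '';

    return '<span style="color:#008000">[' . $e((string) ($logline['date'] ?? '')) . ']</span>' . $uu
         . ' - <span style="' . $e(nxs_example_style_for($act)) . '">[' . $e($act) . ']</span>' . $ntInfo
         . '- <span>' . $e((string) ($logline['msg'] ?? '')) . '</span> '
         . $e((string) ($logline['extInfo'] ?? '')) . '<br/>';
}

// Constructed entry: extInfo carries request-header text an anonymous
// cron caller could have supplied, including both a script tag and an
// attempted attribute break-out.
$sample = [
    'date'    => '2021-12-28 19:26:44',
    'act'     => 'L',
    'nt'      => '',
    'uid'     => '',
    'msg'     => 'NXS Cron Request (Forced)',
    'extInfo' => 'HTTP_USER_AGENT => <script>alert(1)</script>" onmouseover="alert(2)',
];

echo nxs_example_render_logline($sample), PHP_EOL;
```

In a WordPress plugin the same shape is usually written with `esc_html()` for text nodes and `esc_attr()` for attribute values; `htmlspecialchars()` with `ENT_QUOTES` is used here only so the example runs with the bare PHP CLI.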


Timestamp:

12/28/2021 07:26:44 PM

NextScripts

Message:

Version 4.3.24

Location:

social-networks-auto-poster-facebook-twitter-g/trunk

Files:

  • NextScripts_SNAP.php (2 diffs)
  • inc/nxs_class_snap.php (1 diff)
  • inc/nxs_functions_engine.php (1 diff)
  • readme.txt (3 diffs)


  • social-networks-auto-poster-facebook-twitter-g/trunk/NextScripts_SNAP.php

    r2609673

    r2650138

5

5

Description: This plugin automatically publishes posts from your blog to your social media accounts on Facebook, Twitter, LinkedIn, Google+ and 25 more networks.

6

6

Author: NextScripts

7

 

Version: 4.3.23

 

7

Version: 4.3.24

8

8

Author URI: https://www.nextscripts.com

9

9

Text Domain: social-networks-auto-poster-facebook-twitter-g

…

…

 

11

11

\*/

12

12

13

 

define( 'NextScripts\_SNAP\_Version' , '4.3.23' ); define( 'NextScripts\_SNAP\_Version\_Date' , 'Oct 5, 2021' ); require\_once "inc/nxs\_functions\_wp.php"; if(!defined( 'NXSSNAP\_BASENAME' ) ) define( 'NXSSNAP\_BASENAME', plugin\_basename( \_\_FILE\_\_ ) );

 

13

define( 'NextScripts\_SNAP\_Version' , '4.3.24' ); define( 'NextScripts\_SNAP\_Version\_Date' , 'Dec 28, 2021' ); require\_once "inc/nxs\_functions\_wp.php"; if(!defined( 'NXSSNAP\_BASENAME' ) ) define( 'NXSSNAP\_BASENAME', plugin\_basename( \_\_FILE\_\_ ) );

14

14

15

15

if (true===nxs\_doSystemInitCheck()) { //  error\_reporting(E\_ALL); ini\_set('display\_errors', '1');
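Review bot: the commented-out `error_reporting(E_ALL); ini_set('display_errors', '1');` left on line 15 is debug residue that should be deleted rather than kept one uncomment away from turning on error display (and path disclosure) on a production site. The actual change in this file, the bump from 4.3.23 / Oct 5, 2021 to 4.3.24 / Dec 28, 2021, is consistent between the plugin header and the `NextScripts_SNAP_Version` / `NextScripts_SNAP_Version_Date` defines.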
  • social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_class_snap.php

    r2609158

    r2650138

804

804

            if ($logline\['nt'\]!='') $ntInfo = ' \['.$logline\['nt'\].'\] '; else $ntInfo = '';   

805

805

            if (empty($uidQ) && !empty($logline\['uid'\])) $uu = ' \[User ID:'.$logline\['uid'\].'\]'; else $uu = '';

806

 

            echo '<snap style="color:#008000">\['.$logline\['date'\].'\]</snap>'.$uu.' - <snap style="'.$actSt.'">\['.$logline\['act'\].'\]</snap>'.$ntInfo.'-  <snap style="'.$msgSt.'">'.$logline\['msg'\].'</snap> '.$logline\['extInfo'\].'<br/>';

 

806

            echo '<snap style="color:#008000">\['.$logline\['date'\].'\]</snap>'.$uu.' - <snap style="'.$actSt.'">\['.$logline\['act'\].'\]</snap>'.$ntInfo.'-  <snap style="'.$msgSt.'">'.htmlentities($logline\['msg'\]).'</snap> '.htmlentities($logline\['extInfo'\]).'<br/>';

807

807

          } ?>

808

808

      </div>                 
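Review bot: the escaping added at line 806 covers only `$logline['msg']` and `$logline['extInfo']`; `$logline['date']`, `$logline['act']`, and the `$ntInfo` and `$uu` strings built from `$logline['nt']` and `$logline['uid']` on lines 804 and 805 are still echoed raw, so any of those fields that is ever populated from request data reopens the same stored XSS. Escape every field at the point of output with the same call. Since this is WordPress code, `esc_html()` is the better choice than `htmlentities()`: with no flags, `htmlentities()` does not encode single quotes on PHP before 8.1 (the default was `ENT_COMPAT`), which is harmless in this text-node position but would matter if the pattern is copied into the `style="..."` attributes that take `$actSt` and `$msgSt`. Separately, `<snap>` is not an HTML element; `<span>` appears to be intended.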
  • social-networks-auto-poster-facebook-twitter-g/trunk/inc/nxs_functions_engine.php

    r2609158

    r2650138

119

119

    //## Log Cron Request

120

120

    if (isset($\_GET\['nxs-cronrun'\])) { $\_GET\['nxs-cronrun'\] = sanitize\_text\_field($\_GET\['nxs-cronrun'\]); $contCron = get\_option('nxs\_contCron'); if ($isDebug) echo $\_GET\['nxs-cronrun'\],'('.$contCron.')'; //## Manual/Forced cron request.

121

 

        nxs\_addToLogN('L','NXS Cron Request (Forced)','',number\_format(($tm-$tmL), 2,'.','').'s after the previous one. ', 'CNT: '.$\_GET\['nxs-cronrun'\].'('.$contCron.')'.print\_r($\_SERVER, true));

 

121

        nxs\_addToLogN('L','NXS Cron Request (Forced)','',number\_format(($tm-$tmL), 2,'.','').'s after the previous one. ', 'CNT: '.$\_GET\['nxs-cronrun'\].'('.$contCron.')');

122

122

    } else { //## Cron request from WP itself

123

123

        if ($tm<$tmL2) { nxs\_addToLogN('W', '\*\*WARNING. Unhealthy Cron Request\*\*', ' \[<a target="\_blank" href="https://nxs.fyi/uhcr">More info</a>\] ', 'Too close ('.number\_format(($tm-$tmL), 2,'.','').'s) to the previous one. ', 'Now - '.date\_i18n('H:i:s',$currTime).' | Previous - '.date\_i18n('H:i:s',$tmL+$tmCorr).  '| Cron called from '.(!empty($\_SERVER\["REMOTE\_ADDR"\])?$\_SERVER\["REMOTE\_ADDR"\]:'Unknown IP').' ('.nsTrnc((!empty($\_SERVER\["HTTP\_USER\_AGENT"\])?$\_SERVER\["HTTP\_USER\_AGENT"\]:'Unknown UA'), 70).')', 'cron');  /\* return; \*/ }
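Review bot: dropping `print_r($_SERVER, true)` from the last argument at line 121 removes the raw dump of request headers (User-Agent, Referer, request URI and so on) that any caller of the forced cron URL could use to place markup in the stored log, and it also stops copying the rest of `$_SERVER` (cookies, proxy headers, filesystem paths) into whatever storage `nxs_addToLogN()` writes to. Two request-controlled values still reach the log: `$_GET['nxs-cronrun']` (passed through `sanitize_text_field()` at line 120, which strips tags but is not output escaping) and, at line 123, `REMOTE_ADDR` and the first 70 characters of `HTTP_USER_AGENT`. That is acceptable only because the viewer in nxs_class_snap.php now escapes what it prints; a short comment here stating that the log must be treated as untrusted at output would keep a later change to the viewer from silently reintroducing the issue.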
  • social-networks-auto-poster-facebook-twitter-g/trunk/readme.txt

    r2609673

    r2650138

6

6

Requires at least: 3.4

7

7

Tested up to: 5.8.1

8

 

Stable tag: 4.3.23

 

8

Stable tag: 4.3.24

9

9

License: GPLv2 or later

10

10

…

…

 

185

185

\== Changelog ==

186

186

187

 

\= 4.3.23 \[10/04/2022\] =

 

187

\= 4.3.24 \[12/28/2021\] =

 

188

 

189

\* Bug Fix - Possible XSS security issue \[WP-2021-12-28\]

 

190

 

191

\= 4.3.23 \[10/04/2021\] =

188

192

189

193

\* Bug Fix - Message in the footer has been removed.

…

…

 

199

203

\* Bug Fix - \[Blogger\] Fatal Error with incorrect token.

200

204

\* Bug Fix - \[vk.com\] Outdated API error message

201

 

\* Bug Fix - Possible XSS security issue

 

205

\* Bug Fix - Possible XSS security issue \[WF-2021-09-29\]

202

206

203

207

\= 4.3.20 \[02/05/2021\] =
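Review bot: the 4.3.23 header is corrected in passing from `[10/04/2022]` to `[10/04/2021]`, and the earlier XSS entry gains a `[WF-2021-09-29]` tag while the new one carries `[WP-2021-12-28]`; the two prefixes differ (WF versus WP), so confirm that is intentional rather than a typo. The 4.3.24 entry reads only "Possible XSS security issue"; naming the affected area (log output in the admin dashboard) and, once assigned, the identifier CVE-2021-24975 would let site owners judge how urgently to upgrade. `Tested up to: 5.8.1` is unchanged.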
