Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-1259: class-hotjar.php in hotjar/tags/1.0.14/includes – WordPress Plugin Repository

The Hotjar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the hotjar_site_id in versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

CVE
Open in Source
#xss#web#js#wordpress#php#auth

Line

1

<?php

2

if ( ! defined( ‘ABSPATH’ ) ) {

3

    exit;

4

}

5

6

class Hotjar {

7

8

    public function \_\_construct()

9

    {

10

11

    }

12

13

    public function init()

14

    {

15

            $this\->init\_admin();

16

    $this\->enqueue\_script();

17

    $this\->enqueue\_admin\_styles();

18

    }

19

20

    public function init\_admin() {

21

            register\_setting( 'hotjar', 'hotjar\_site\_id' );

22

    add\_action( 'admin\_menu', array( $this, 'create\_nav\_page' ) );

23

    }

24

25

    public function create\_nav\_page() {

26

            add\_options\_page(

27

              esc\_html\_\_( 'Hotjar', 'hotjar' ),

28

              esc\_html\_\_( 'Hotjar', 'hotjar' ),

29

              'manage\_options',

30

              'hotjar\_settings',

31

              array($this,'admin\_view')

32

            );

33

    }

34

35

    public static function admin\_view()

36

    {

37

            require\_once plugin\_dir\_path( \_\_FILE\_\_ ) . '/../admin/views/settings.php';

38

    }

39

40

    public static function hotjar\_script()

41

    {

42

            $hotjar\_site\_id \= get\_option( 'hotjar\_site\_id' );

43

            $is\_admin \= is\_admin();

44

45

            $hotjar\_site\_id \= trim($hotjar\_site\_id);

46

            if (!$hotjar\_site\_id) {

47

                    return;

48

            }

49

50

            if ( $is\_admin ) {

51

                    return;

52

            }

53

54

            echo "

55

            <script>

56

            (function(h,o,t,j,a,r){

57

                    h.hj=h.hj||function(){(h.hj.q=h.hj.q||\[\]).push(arguments)};

58

                    h.\_hjSettings={hjid:" . $hotjar\_site\_id . ",hjsv:5};

59

                    a=o.getElementsByTagName('head')\[0\];

60

                    r=o.createElement('script');r.async=1;

61

                    r.src=t+h.\_hjSettings.hjid+j+h.\_hjSettings.hjsv;

62

                    a.appendChild(r);

63

            })(window,document,'//static.hotjar.com/c/hotjar-','.js?sv=');

64

            </script>

65

            ";

66

    }

67

68

    private function enqueue\_script() {

69

            add\_action( 'wp\_head', array($this, 'hotjar\_script') );

70

    }

71

72

private function enqueue\_admin\_styles() {

73

    add\_action( 'admin\_enqueue\_scripts', array($this, 'hotjar\_admin\_styles' ) );

74

}

75

76

public static function hotjar\_admin\_styles() {

77

    wp\_register\_style( 'hotjar\_custom\_admin\_style', plugins\_url( '../admin/static/hotjar-admin.css', \_\_FILE\_\_ ), array(), '20190701', 'all' );

78

    wp\_enqueue\_style( 'hotjar\_custom\_admin\_style' );

79

}

80

81

}

82

83

?>

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE