CVE-2023-3387: Changeset 2929913 for lana-text-to-image – WordPress Plugin Repository
The Lana Text to Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘lana_text_to_image’ and ‘lana_text_to_img’ shortcodes in versions up to, and including, 1.0.0, due to insufficient input sanitization and output escaping of user-supplied shortcode attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts into pages; the script executes whenever a user views an injected page.
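The pattern behind this class of bug, as an added stand-alone illustration (this is not the plugin's code; the handler name `demo_img_*`, the attribute keys and the sample input are constructed for the example): a shortcode handler interpolates a shortcode attribute into an HTML attribute, and the fix is to pass every value through `esc_attr()` at the point of output, which is what the changeset below does for the `class` attribute. Outside WordPress a stand-in `esc_attr()` is defined so the file runs with plain `php`.

```php
<?php
// Added example, not the plugin's code. Demonstrates attribute-context stored
// XSS from an unescaped shortcode attribute and the esc_attr() fix.

// Stand-in so the example runs outside WordPress; inside WordPress the real
// esc_attr() is used (this mirrors its behaviour for the characters that matter).
if ( ! function_exists( 'esc_attr' ) ) {
	function esc_attr( $text ) {
		return htmlspecialchars( (string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
	}
}

// Vulnerable shape: the class attribute is built from a user-supplied shortcode
// attribute and emitted verbatim. A double quote in the value closes the class
// attribute and whatever follows becomes a new attribute on the <img> tag.
function demo_img_unsafe( array $atts ) {
	$classes = array( 'demo-text-to-image', isset( $atts['class'] ) ? $atts['class'] : '' );
	return sprintf(
		'<img src="%s" class="%s" alt="%s">',
		'data:image/png;base64,' . base64_encode( 'constructed-png-bytes' ),
		implode( ' ', $classes ),                        // not escaped
		esc_attr( isset( $atts['alt'] ) ? $atts['alt'] : '' ) // escaped
	);
}

// Hardened shape: every value placed inside an attribute goes through esc_attr()
// where the HTML is assembled, independent of where the value came from.
function demo_img_safe( array $atts ) {
	$classes = array( 'demo-text-to-image', isset( $atts['class'] ) ? $atts['class'] : '' );
	return sprintf(
		'<img src="%s" class="%s" alt="%s">',
		esc_attr( 'data:image/png;base64,' . base64_encode( 'constructed-png-bytes' ) ),
		esc_attr( implode( ' ', $classes ) ),
		esc_attr( isset( $atts['alt'] ) ? $atts['alt'] : '' )
	);
}

// Constructed input: the attribute array a shortcode parser would hand the
// handler for a post body containing a class value that carries a double quote
// followed by an event-handler attribute. Any contributor can author such a post.
$atts = array(
	'class' => 'x" onerror="alert(document.domain)',
	'alt'   => 'hello',
);

echo demo_img_unsafe( $atts ), "\n";
echo demo_img_safe( $atts ), "\n";
```

In the first line of output the quote in the class value terminates `class="..."` and `onerror="..."` lands on the tag as its own attribute; in the second, `htmlspecialchars`/`esc_attr` turns each `"` into `&quot;`, so the whole value stays inside the class attribute and the browser never sees an event handler. Escaping at the `sprintf()` (rather than only where attributes are read) is the right place because it covers every source that feeds the attribute; stricter input normalisation of class tokens, for example with WordPress' `sanitize_html_class()`, is defence in depth on top of that, not a replacement.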
Timestamp:
06/23/2023 04:08:18 AM
Author:
lanacodes
Message:
Version update
Location:
lana-text-to-image/trunk
Files:
- lana-text-to-image.php (4 diffs)
- readme.txt (4 diffs)
lana-text-to-image/trunk/lana-text-to-image.php
r2641161
r2929913
2
2
/\*\*
3
3
\* Plugin Name: Lana Text to Image
4
\* Plugin URI: http://lana.codes/lana-product/lana-text-to-image/
4
\* Plugin URI: https://lana.codes/product/lana-text-to-image/
5
5
\* Description: Easy to use text to image shortcode.
6
\* Version: 1.0.0
6
\* Version: 1.1.0
7
7
\* Author: Lana Codes
8
\* Author URI: http://lana.codes/
8
\* Author URI: https://lana.codes/
9
9
\* Text Domain: lana-text-to-image
10
10
\* Domain Path: /languages
…
…
12
12
13
13
defined( 'ABSPATH' ) or die();
14
define( 'LANA\_TEXT\_TO\_IMAGE\_VERSION', '1.0.0' );
14
define( 'LANA\_TEXT\_TO\_IMAGE\_VERSION', '1.1.0' );
15
15
define( 'LANA\_TEXT\_TO\_IMAGE\_DIR\_URL', plugin\_dir\_url( \_\_FILE\_\_ ) );
16
16
define( 'LANA\_TEXT\_TO\_IMAGE\_DIR\_PATH', plugin\_dir\_path( \_\_FILE\_\_ ) );
…
…
95
95
imagedestroy( $image );
96
96
97
$image = sprintf( '<img src="data:image/png;base64,%s" class="%s" alt="%s">', base64\_encode( $image\_data ), implode( ' ', $classes ), esc\_attr( $a\['alt'\] ) );
97
$image = sprintf( '<img src="data:image/png;base64,%s" class="%s" alt="%s">', esc\_attr( base64\_encode( $image\_data ) ), esc\_attr( implode( ' ', $classes ) ), esc\_attr( $a\['alt'\] ) );
98
98
99
99
return $image;
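Review bot: The effective fix in this hunk is the esc_attr() around implode( ' ', $classes ) in the class attribute; the alt attribute was already escaped in r2641161, and the base64 payload can only contain [A-Za-z0-9+/=], so wrapping it in esc_attr() is harmless but does not change the output. Because the construction of $classes is outside this hunk, the review cannot confirm which elements are shortcode-supplied, which is exactly why escaping at the point of output (the sprintf()) is the right choice here: it covers every source. Two follow-ups to verify in the surrounding code not shown: that any other shortcode attribute that reaches HTML (rather than the GD image) gets the same esc_attr() treatment, and optionally that class tokens are normalised on input with sanitize_html_class() as defence in depth.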
…
…
179
179
}
180
180
181
add\_action( 'init', 'lana\_text\_to\_image\_add\_mce\_shortcodes\_buttons' );
181
add\_action( 'admin\_init', 'lana\_text\_to\_image\_add\_mce\_shortcodes\_buttons' );
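Review bot: Moving lana_text_to_image_add_mce_shortcodes_buttons from 'init' to 'admin_init' keeps the TinyMCE button registration off front-end requests, which is a sensible scoping change, but note that admin_init also fires on admin-ajax.php and admin-post.php requests, so the callback (not shown in this hunk) should remain side-effect free there and should still gate on the user's capability and rich-editing status itself rather than relying on the hook alone. The readme changelog line for this change is terse; a short note that the hook change is unrelated to the XSS fix would avoid readers conflating the two.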
lana-text-to-image/trunk/readme.txt
r2641161
r2929913
1
1
\=== Lana Text to Image ===
2
2
Contributors: lanacodes
3
Donate link: https://www.paypal.com/donate/?hosted\_button\_id=F34PNECNYHSA4
3
4
Tags: text to image, privacy, security, shortcode
4
5
Requires at least: 4.0
5
Tested up to: 5.8
6
Stable tag: 1.0.0
6
Tested up to: 6.2
7
Stable tag: 1.1.0
7
8
License: GPLv2 or later
8
9
License URI: http://www.gnu.org/licenses/gpl-2.0.html
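Review bot: 'Tested up to' moves to 6.2 while 'Requires at least: 4.0' is left unchanged; that floor is still accurate for this changeset, since esc_attr() has existed since WordPress 2.8, so no action needed beyond confirming the plugin is actually tested on 4.x if that line is kept.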
…
…
37
38
38
39
\= Lana Codes =
39
\[Lana Shortcodes\](http://lana.codes/lana-product/lana-text-to-image/)
40
\[Lana Shortcodes\](https://lana.codes/product/lana-text-to-image/)
40
41
41
42
\== Installation ==
…
…
60
61
61
62
\= Lana Codes =
62
\[Support\](http://lana.codes/contact/)
63
\[Support\](https://lana.codes/contact/)
63
64
64
65
\= WordPress Forum =
…
…
72
73
\== Changelog ==
73
74
75
\= 1.1.0 =
76
\* security: fixed stored XSS vulnerability
77
\* change tinymce shortcode button add in 'admin\_init' hook
78
74
79
\= 1.0.0 =
75
80
\* Added Lana Text to Image
81
82
\== Upgrade Notice ==
83
84
\= 1.1.0 =
85
This version fixes a security vulnerability. Upgrade recommended.
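Review bot: The changelog entry "security: fixed stored XSS vulnerability" and the upgrade notice give site owners nothing to triage with. The headline ties this changeset to CVE-2023-3387, and the fix is to shortcode attributes rendered by the lana_text_to_image / lana_text_to_img shortcodes, so naming the CVE and the affected shortcodes in both places (e.g. "fixed stored XSS via shortcode attributes (CVE-2023-3387)") would help. The second entry also reads awkwardly; "changed TinyMCE shortcode button registration to the 'admin_init' hook" says the same thing clearly.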