
CVE-2023-3388: Changeset 2857982 for beautiful-and-responsive-cookie-consent – WordPress Plugin Repository

The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘nsc_bar_content_href’ parameter in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. A partial patch was made available in 2.10.1 and the issue was fully patched in 2.10.2.
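As an added example that is not part of the plugin or of this changeset, the stand-alone PHP below shows the output-escaping gap the description refers to: the pre-fix template concatenated the stored link URL and link text straight into a single-quoted `href` attribute. WordPress's esc_url()/esc_html() are not available outside WordPress, so the hardened variant uses htmlspecialchars() with ENT_QUOTES plus a scheme allow-list as stand-ins (an assumption, not the plugin's own code); the function names, the helper safe_href() and the sample input are constructed for this illustration.

```php
<?php
// Added example, not the plugin's code. Plain-PHP stand-ins are used for
// WordPress's esc_url()/esc_html(); function names and inputs are constructed.

// Mirrors the pre-fix concatenation: URL, text and target land in the HTML unescaped.
function render_link_vulnerable(string $link, string $link_text, string $target = ''): string
{
    return "<a class='cc-link' id='nsc-bar-customLink'" . $target
        . " href='" . $link . "'>" . $link_text . "</a>";
}

// Stand-in for esc_url(): allow only a few schemes, then escape for an attribute.
// Scheme-less (relative) URLs are rejected here; that is a deliberate simplification.
function safe_href(string $url): string
{
    $allowed = ['http', 'https', 'mailto'];
    $scheme  = parse_url($url, PHP_URL_SCHEME);
    if ($scheme === null || !in_array(strtolower($scheme), $allowed, true)) {
        return '';
    }
    // ENT_QUOTES matters: the surrounding attribute is single-quoted.
    return htmlspecialchars($url, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Hardened form: validated href, escaped text, target restricted to an allow-list.
function render_link_hardened(string $link, string $link_text, string $target = ''): string
{
    $allowed_targets = ['_blank', '_self'];
    $target_attr = in_array($target, $allowed_targets, true) ? " target='" . $target . "'" : '';

    $href = safe_href($link);
    if ($href === '' || $link_text === '') {
        return '';
    }
    return "<a class='cc-link' id='nsc-bar-customLink'" . $target_attr
        . " href='" . $href . "'>"
        . htmlspecialchars($link_text, ENT_QUOTES | ENT_HTML5, 'UTF-8')
        . "</a>";
}

// Constructed input: a stray single quote closes the single-quoted href early
// and the link text carries markup that should render as literal text.
$link = "https://example.com/privacy' title='injected";
$text = "Privacy <b>policy</b>";

echo render_link_vulnerable($link, $text), PHP_EOL;
echo render_link_hardened($link, $text, '_blank'), PHP_EOL;
```

Run it with `php example.php`: the first line shows `title='injected'` becoming a separate attribute because the quote ended `href` early, while the second keeps the whole value inside the attribute and renders the `<b>` in the link text as literal characters. The plugin's default value `https://yourdomain/dataprivacy` is absolute, so rejecting scheme-less URLs costs nothing here; accepting relative paths would need its own check.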


Timestamp:

01/31/2023 10:27:12 PM (5 months ago)

Author:

nikelschubert

Message:

2.10.1

  • Fix: Authentication issues.
  • Fix: XSS vulnerability fixed.

Location:

beautiful-and-responsive-cookie-consent/trunk

Files:

  • class/class-nsc_bar_frontend.php (1 diff)
  • class/class-nsc_bar_input_validation.php (2 diffs)
  • class/class-nsc_bar_save_form_fields.php (1 diff)
  • nsc_bar-cookie-consent.php (2 diffs)
  • plugin-configs.json (2 diffs)
  • readme.txt (2 diffs)


  • beautiful-and-responsive-cookie-consent/trunk/class/class-nsc_bar_frontend.php

    r2845077

    r2857982

268

268

269

269

        if (!empty($link) && !empty($link\_text)) {

270

 

            $link\_html = "<a class='cc-link' id='nsc-bar-customLink'" . $target . " href='" . $link . "'>" . $link\_text . "</a>";

 

270

            $link\_html = "<a class='cc-link' id='nsc-bar-customLink'" . $target . " href='" . esc\_url\_raw($link) . "'>" . esc\_html($link\_text) . "</a>";

271

271

        }

272

272

        return $link\_html;
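Review bot: esc_url_raw() is the wrong escaper for the new href on line 270: it is the storage/redirect variant and, unlike esc_url(), does not encode a single quote, so a stored value containing `'` can still close the single-quoted href attribute. Use esc_url($link) at this output point and keep esc_url_raw() for the save path. On the same line $target is still concatenated without any escaping; either pass it through esc_attr() here or restrict it to the documented `_blank`/`_self` values before it reaches the template. esc_html($link_text) is the right call for the element body.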
  • beautiful-and-responsive-cookie-consent/trunk/class/class-nsc_bar_input_validation.php

    r2693282

    r2857982

35

35

                $return = $this->nsc\_bar\_bara\_custom\_services($return);

36

36

                break;

 

37

            case "nsc\_bar\_link\_input":

 

38

                $return = $this->nsc\_bar\_link\_input($return);

 

39

                break;

 

40

            case "nsc\_bar\_text\_only":

 

41

                $return = $this->nsc\_bar\_text\_only($return);

 

42

                break;

37

43

        }

38

44

        $return = apply\_filters('nsc\_bar\_filter\_input\_validation', $return, $extra\_validation\_value);

…

…

 

44

50

        $cleandValue = stripslashes($input);

45

51

        return sanitize\_text\_field($cleandValue);

 

52

    }

 

53

 

54

    public function nsc\_bar\_link\_input($input)

 

55

    {

 

56

        $input = esc\_url\_raw($input);

 

57

        return $input;

 

58

    }

 

59

 

60

    public function nsc\_bar\_text\_only($input)

 

61

    {

 

62

        $input = esc\_attr($input);

 

63

        return $input;

46

64

    }

47

65
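Review bot: nsc_bar_text_only() on lines 60-64 applies esc_attr() at save time, which stores output-escaped data in the option: if the template escapes again on output the value is double-encoded, and if it does not, attribute safety now depends on this storage-side step alone. For the target field this validator is wired to, a strict allow-list returning `_self` for anything other than `_blank`/`_self` is both simpler and stronger. nsc_bar_link_input() on lines 54-58 is fine for storage (esc_url_raw() is the db-context variant); the display-side esc_url() belongs in the frontend template.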
  • beautiful-and-responsive-cookie-consent/trunk/class/class-nsc_bar_save_form_fields.php

    r2453163

    r2857982

16

16

    public function nsc\_bar\_save\_submitted\_form\_fields()

17

17

    {

 

18

 

19

        if (current\_user\_can($this->plugin\_settings->settings\_page\_configs->capability) === false) {

 

20

            return false;

 

21

        }

18

22

19

23

        $updated = $this->save\_settings(null);
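Review bot: the capability check added on lines 19-21 closes the missing-authorization path, but nothing in this hunk verifies a nonce before save_settings() runs, so unless the caller already performs check_admin_referer()/wp_verify_nonce() the save remains reachable via CSRF against a logged-in user who holds the capability. Also consider wp_die() or an admin notice instead of a bare `return false`, so a rejected request is visible rather than silently ignored.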
  • beautiful-and-responsive-cookie-consent/trunk/nsc_bar-cookie-consent.php

    r2845077

    r2857982

4

4

Description: An easy way to get a beautiful GDPR Cookie Consent Banner. Customize it to match your compliance requirements and website layout. Highly customisable and responsive.

5

5

Author: Beautiful Cookie Banner

6

 

Version: 2.10.0

 

6

Version: 2.10.1

7

7

Author URI: https://beautiful-cookie-banner.com

8

8

Text Domain: bar-cookie-consent

…

…

 

32

32

define("NSC\_BAR\_PLUGIN\_VERSION", "2.2");

33

33

define("NSC\_BAR\_SLUG\_DBVERSION", "nsc\_bar\_db\_version");

34

 

define("NSC\_BAR\_VERSION", "2.10.0");

 

34

define("NSC\_BAR\_VERSION", "2.10.1");

35

35

36

36

require dirname(\_\_FILE\_\_) . "/class/class-nsc\_bar\_admin\_error.php";
  • beautiful-and-responsive-cookie-consent/trunk/plugin-configs.json

    r2845077

    r2857982

373

373

            "save\_as": "string",

374

374

            "required": false,

375

 

            "extra\_validation\_name": false,

 

375

            "extra\_validation\_name": "nsc\_bar\_link\_input",

376

376

            "pre\_selected\_value": "https://yourdomain/dataprivacy",

377

377

            "helpertext": "URL to your data privacy policy, for example.",

…

…

 

384

384

            "save\_as": "string",

385

385

            "required": false,

386

 

            "extra\_validation\_name": false,

 

386

            "extra\_validation\_name": "nsc\_bar\_text\_only",

387

387

            "pre\_selected\_value": "\_blank",

388

388

            "helpertext": "\_blank: opens in new window, \_self: opens in same window",
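Review bot: the helpertext on line 388 documents exactly two accepted values (`_blank` and `_self`), yet the validator selected on line 386, nsc_bar_text_only, accepts any string and only escapes it. An enumerated validator for this field would reject unexpected values outright instead of storing an escaped copy of them.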
  • beautiful-and-responsive-cookie-consent/trunk/readme.txt

    r2845077

    r2857982

6

6

Requires PHP: 5.2.17

7

7

License: GPLv3

8

 

Stable tag: 2.10.0

 

8

Stable tag: 2.10.1

9

9

10

10

\== Description ==

…

…

 

105

105

\== Changelog ==

106

106

 

107

\= 2.10.1 =

 

108

\* Fix: Authentication issues.

 

109

\* Fix: XXS vulnerabulity fixed.

 

110

107

111

\= 2.10.0 =

108

112

\* IMPROVEMENT: performance - js for dataLayer push is not inline anymore.
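Review bot: typo on changelog line 109: "XXS vulnerabulity fixed" should read "XSS vulnerability fixed"; the same wording appears in the commit message, so both should be corrected together.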
