Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SuiteDash :: ONE Dashboard® Client Portal : SuiteDash Direct Login plugin <= 1.7.6 versions.

**Solution**

 No fix

No patched version is available.

Found this useful? Thank Rio Darmawan for reporting this vulnerability. Buy a coffee ☕

Rio Darmawan discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Client Portal : SuiteDash Direct Login Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-38476: WordPress Client Portal : SuiteDash Direct Login plugin <= 1.7.6 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Elastic Email Sender plugin <= 1.2.6 versions.

**Solution**

 Fixed

Update the WordPress Elastic Email Sender plugin to the latest available version (at least 1.2.7).

Found this useful? Thank yuyudhn for reporting this vulnerability. Buy a coffee ☕

yuyudhn discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Elastic Email Sender Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.2.7.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-38387: WordPress Elastic Email Sender plugin <= 1.2.6 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Realwebcare WRC Pricing Tables plugin <= 2.3.7 versions.

**Solution**

 No fix

No patched version is available.

Found this useful? Thank Rio Darmawan for reporting this vulnerability. Buy a coffee ☕

Rio Darmawan discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WRC Pricing Tables Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-38517: WordPress WRC Pricing Tables plugin <= 2.3.7 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Exifography plugin <= 1.3.1 versions.

**Solution**

 No fix

No patched version available.

Found this useful? Thank Rio Darmawan for reporting this vulnerability. Buy a coffee ☕

Rio Darmawan discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Exifography Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-38521: WordPress Exifography plugin <= 1.3.1 - Cross Site Scripting (XSS) - Patchstack

Clcknshop version 1.0.0 suffers from a cross site scripting vulnerability.

    # Exploit Title: Clcknshop 1.0.0 - Reflected XSS# Exploit Author: CraCkEr# Date: 16/08/2023# Vendor: Infosoftbd Solutions# Vendor Homepage: https://infosoftbd.com/# Software Link: https://infosoftbd.com/multitenancy-e-commerce-solution/# Demo: https://kidszone.clckn.shop/# Tested on: Windows 10 Pro# Impact: Manipulate the content of the site# CVE: CVE-2023-4707# CWE: CWE-79 - CWE-74 - CWE-707## GreetingsThe_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushkaCryptoJob (Twitter) twitter.com/0x0CryptoJob## DescriptionThe attacker can send to victim a link containing a malicious URL in an email or instant messagecan perform a wide variety of actions, such as stealing the victim's session token or login credentialsPath: /collection/allGET parameter 'q' is vulnerable to XSShttps://website/collection/all?q=[XSS]XSS Payloads:jkhrt<script>alert(1)</script>ccnsi[-] Done

Clcknshop 1.0.0 Cross Site Scripting

The Font Awesome 4 Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fa' and 'fa-stack' shortcodes in versions up to, and including, 4.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

1<?php2/\*3Plugin Name: Font Awesome 4 Menus4Plugin URI: https://www.newnine.com/plugins/font-awesome-4-menus5Description: Join the retina/responsive revolution by easily adding Font Awesome 4.7.0 icons to your WordPress menus and anywhere else on your site! No programming necessary.6Version: 4.7.07Author: New Nine Media8Author URI: https://www.newnine.com9License: GPLv2 or later10\*/1112/\*13    Copyright 2013-2016  NEW NINE MEDIA  (tel : +1-800-288-9699)1415    This program is free software; you can redistribute it and/or modify16    it under the terms of the GNU General Public License, version 2, as 17    published by the Free Software Foundation.1819    This program is distributed in the hope that it will be useful,20    but WITHOUT ANY WARRANTY; without even the implied warranty of21    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the22    GNU General Public License for more details.2324    You should have received a copy of the GNU General Public License25    along with this program; if not, write to the Free Software26    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA27\*/2829class FontAwesomeFour {3031    public static $defaults \= array(32        'maxcdn\_location' \=> 'https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css',33        'spacing' \=> 1,34        'stylesheet' \=> 'local',35        'version' \=> '4.7.0'36    );3738    function \_\_construct(){39        global $wp\_version;4041        add\_action( 'admin\_enqueue\_scripts', array( $this, 'admin\_enqueue\_scripts' ) );42        add\_action( 'admin\_menu', array( $this, 'admin\_menu' ) );43        add\_action( 'admin\_notices', array( $this, 'admin\_notices' ) );44        add\_action( 'wp\_enqueue\_scripts', array( $this, 'wp\_enqueue\_scripts' ) );4546        add\_filter( 'nav\_menu\_css\_class', array( $this, 'nav\_menu\_css\_class' ) );47        add\_filter( 'walker\_nav\_menu\_start\_el', array( $this, 'walker\_nav\_menu\_start\_el' ), 10, 4 );4849        add\_shortcode( 'fa', array( $this, 'shortcode\_icon' ) );50        add\_shortcode( 'fa-stack', array( $this, 'shortcode\_stack' ) );51    }5253    function admin\_enqueue\_scripts( $hook ){54        if( 'settings\_page\_n9m-font-awesome-4-menus' \== $hook ){55            wp\_enqueue\_style( 'n9m-admin-font-awesome-4', plugins\_url( 'css/font-awesome.min.css', \_\_FILE\_\_ ), false, self::$defaults\[ 'version' \] );56        }57    }5859    function admin\_menu(){60        add\_submenu\_page( 'options-general.php', 'Font Awesome 4 Menus', 'Font Awesome', 'edit\_theme\_options', 'n9m-font-awesome-4-menus', array( $this, 'admin\_menu\_cb' ) );61    }6263    function admin\_menu\_cb(){64        if( $\_POST && check\_admin\_referer( 'n9m-fa' ) ){65            $settings \= array();66            switch( $\_POST\[ 'n9m\_location' \] ){67                case 'local':68                case 'maxcdn':69                case 'none':70                    $settings\[ 'stylesheet' \] \= $\_POST\[ 'n9m\_location' \];71                    break;72                case 'other':73                    $settings\[ 'stylesheet' \] \= 'other';74                    $settings\[ 'stylesheet\_location' \] \= sanitize\_text\_field( $\_POST\[ 'n9m\_location-other-location' \] );75                    break;76            }77            if( isset( $\_POST\[ 'n9m\_text\_spacing' \] ) ){78                $settings\[ 'spacing' \] \= 1;79            } else {80                $settings\[ 'spacing' \] \= 0;81            }82            update\_option( 'n9m-font-awesome-4-menus', $settings );83            print '<div class="updated"><p>Your settings have been saved!</p></div>';84        }85        $settings \= get\_option( 'n9m-font-awesome-4-menus', self::$defaults );86        print ' <div class="wrap">87                    <h2><i class="fa fa-thumbs-o-up"></i> ' . get\_admin\_page\_title() . '</h2>88                    <p>Thank you for using Font Awesome 4 Menus by <a href="https://www.newnine.com" target="\_blank">New Nine</a>! To view available icons, <a href="http://fortawesome.github.io/Font-Awesome/icons/" target="\_blank">click here to visit the Font Awesome website</a>.</p>89                    <form action="' . admin\_url( 'options-general.php?page=n9m-font-awesome-4-menus' ) . '" method="post">90                        <h3>Font Awesome Stylesheet</h3>91                        <p>Select how you want Font Awesome 4&#8217;s stylesheet loaded on your site (if at all):</p>92                        <table class="form-table">93                            <tbody>94                                <tr>95                                    <th scope="row">Load Font Awesome 4 From:</th>96                                    <td>97                                        <fieldset>98                                            <legend class="screen-reader-text"><span>Load Font Awesome 4 From</span></legend>99                                            <label for="n9m\_location-local"><input type="radio" name="n9m\_location" id="n9m\_location-local" value="local"' . ( 'local' \== $settings\[ 'stylesheet' \] ? ' checked' : false ) . '> Local plugin folder (default)</label>100                                            <br />101                                            <label for="n9m\_location-maxcdn"><input type="radio" name="n9m\_location" id="n9m\_location-maxcdn" value="maxcdn"' . ( 'maxcdn' \== $settings\[ 'stylesheet' \] ? ' checked' : false ) . '> Official Font Awesome CDN <span class="description">(<a href="https://www.bootstrapcdn.com/fontawesome/" target="\_blank">Font Awesome CDN powered by MaxCDN</a>)</span></label>102                                            <br />103                                            <label for="n9m\_location-other"><input type="radio" name="n9m\_location" id="n9m\_location-other" value="other"' . ( 'other' \== $settings\[ 'stylesheet' \] ? ' checked' : false ) . '> A custom location:</label> <input type="text" name="n9m\_location-other-location" id="n9m\_location-other-location" placeholder="Enter full url here" class="regular-text" value="' . ( isset( $settings\[ 'stylesheet\_location' \] ) ? $settings\[ 'stylesheet\_location' \] : '' ) . '">104                                            <br />105                                            <label for="n9m\_location-none"><input type="radio" name="n9m\_location" id="n9m\_location-none" value="none"' . ( 'none' \== $settings\[ 'stylesheet' \] ? ' checked' : false ) . '> Don&#8217;t load Font Awesome 4&#8217;s stylesheet <span class="description">(use this if you load Font Awesome 4 elsewhere on your site)</span></label>106                                        </fieldset>107                                    </td>108                                </tr>109                            </tbody>110                        </table>111                        <h3>Icon Spacing</h3>112                        <p>By default, Font Awesome 4 Menus adds a space before or after the icon in your menu. Uncheck the box below to remove this space and give you finer control over your custom styling.</p>113                        <p><label for="n9m\_text\_spacing"><input type="checkbox" name="n9m\_text\_spacing" id="n9m\_text\_spacing" value="1"' . ( 1 \== $settings\[ 'spacing' \] ? ' checked' : false ) . '> Keep the space between my text and my icons <span class="description">(default is checked)</span></label>114                        <p>' . wp\_nonce\_field( 'n9m-fa' ) . '<button type="submit" class="button button-primary">Save Settings</button></p>115                    </form>116                </div>';117    }118119    function admin\_notices(){120        global $current\_user, $pagenow;121        if( isset( $\_REQUEST\[ 'action' \] ) && 'kill-n9m-font-awesome-4-notice' \== $\_REQUEST\[ 'action' \] ){122            update\_user\_meta( $current\_user\->data\->ID, 'n9m-font-awesome-4-notice-hide', 1 );123        }124        $shownotice \= get\_user\_meta( $current\_user\->data\->ID, 'n9m-font-awesome-4-notice-hide', true );125        if( 'plugins.php' \== $pagenow && !$shownotice ){126            print ' <div class="updated is-dismissible">127                        <div style="float: right;"><a href="?action=kill-n9m-font-awesome-4-notice" style="color: #7ad03a; display: block; padding: 8px;">&#10008;</a></div>128                        <p>Thank you for installing Font Awesome Menus 4 by <a href="https://www.newnine.com">New Nine</a>! Want to see what else we&#8217;re up to? Subscribe below to our infrequent updates. You can unsubscribe at any time.</p>129                        <form action="http://newnine.us2.list-manage.com/subscribe/post?u=067bab5a6984981f003cf003d&amp;id=1b25a2aee6" method="post" id="mc-embedded-subscribe-form" name="mc-embedded-subscribe-form" target="\_blank">130                            <p><input type="text" name="FNAME" placeholder="First Name" value="' . ( !empty( $current\_user\->first\_name ) ? $current\_user\->first\_name : '' ) . '"> <input type="text" name="LNAME" placeholder="Last Name" value="' . ( !empty( $current\_user\->last\_name ) ? $current\_user\->last\_name : '' ) . '"> <input type="text" name="EMAIL" placeholder="Email address" required value="' . $current\_user\->user\_email . '"> <input type="hidden" id="group\_1" name="group\[14489\]\[1\]" value="1"> <input type="submit" name="subscribe" value="Join" class="button action"></p>131                        </form>132                    </div>';133        }134    }135136    function nav\_menu\_css\_class( $classes ){137        if( is\_array( $classes ) ){138            $tmp\_classes \= preg\_grep( '/^(fa)(-\\S+)?$/i', $classes );139            if( !empty( $tmp\_classes ) ){140                $classes \= array\_values( array\_diff( $classes, $tmp\_classes ) );141            }142        }143        return $classes;144    }145146    public static function register\_uninstall\_hook(){147        if( current\_user\_can( 'delete\_plugins' ) ){148            delete\_option( 'n9m-font-awesome-4-menus' );149            $users\_with\_meta \= get\_users( array(150                'meta\_key' \=> 'n9m-font-awesome-4-notice-hide',151                'meta\_value' \=> 1152            ) );153            foreach( $users\_with\_meta as $user\_with\_meta ){154                delete\_user\_meta( $user\_with\_meta\->ID, 'n9m-font-awesome-4-notice-hide' );155            }156        }157    }158159    protected function replace\_item( $item\_output, $classes ){160        $settings \= get\_option( 'n9m-font-awesome-4-menus', FontAwesomeFour::$defaults );161        $spacer \= 1 \== $settings\[ 'spacing' \] ? ' ' : '';162163        if( !in\_array( 'fa', $classes ) ){164            array\_unshift( $classes, 'fa' );165        }166167        $before \= true;168        if( in\_array( 'fa-after', $classes ) ){169            $classes \= array\_values( array\_diff( $classes, array( 'fa-after' ) ) );170            $before \= false;171        }172173        $icon \= '<i class="' . implode( ' ', $classes ) . '"></i>';174175        preg\_match( '/(<a.+>)(.+)(<\\/a>)/i', $item\_output, $matches );176        if( 4 \=== count( $matches ) ){177            $item\_output \= $matches\[1\];178            if( $before ){179                $item\_output .= $icon . '<span class="fontawesome-text">' . $spacer . $matches\[2\] . '</span>';180            } else {181                $item\_output .= '<span class="fontawesome-text">' . $matches\[2\] . $spacer . '</span>' . $icon;182            }183            $item\_output .= $matches\[3\];184        }185        return $item\_output;186    }187    188    function shortcode\_icon( $atts ){189        $a \= shortcode\_atts( array(190            'class' \=> ''191        ), $atts );192        if( !empty( $a\[ 'class' \] ) ){193            $class\_array \= explode( ' ', $a\[ 'class' \] );194            if( !in\_array( 'fa', $class\_array ) ){195                $class\_array\[\] \= 'fa';196            }197            return '<i class="' . implode( ' ', $class\_array ) . '"></i>';198        }199    }200    201    function shortcode\_stack( $atts, $content \= null ){202        $a \= shortcode\_atts( array(203            'class' \=> ''204        ), $atts );205        $class\_array \= array();206        if( empty( $a\[ 'class' \] ) ){207            $class\_array \= array( 'fa-stack' );208        } else {209            $class\_array \= explode( ' ', $a\[ 'class' \] );210            if( !in\_array( 'fa-stack', $class\_array ) ){211                $class\_array\[\] \= 'fa-stack';212            }213        }214        return '<span class="' . implode( ' ', $class\_array ) . '">' . do\_shortcode( $content ) . '</span>';215    }216217    function walker\_nav\_menu\_start\_el( $item\_output, $item, $depth, $args ){218        if( is\_array( $item\->classes ) ){219            $classes \= preg\_grep( '/^(fa)(-\\S+)?$/i', $item\->classes );220            if( !empty( $classes ) ){221                $item\_output \= $this\->replace\_item( $item\_output, $classes );222            }223        }224        return $item\_output;225    }226227    function wp\_enqueue\_scripts(){228        $settings \= get\_option( 'n9m-font-awesome-4-menus', self::$defaults );229        switch( $settings\[ 'stylesheet' \] ){230            case 'local':231                wp\_register\_style( 'font-awesome-four', plugins\_url( 'css/font-awesome.min.css', \_\_FILE\_\_ ), array(), self::$defaults\[ 'version' \], 'all' );232                wp\_enqueue\_style( 'font-awesome-four' );233                break;234            case 'maxcdn':235                wp\_register\_style( 'font-awesome-four', self::$defaults\[ 'maxcdn\_location' \], array(), self::$defaults\[ 'version' \], 'all' );236                wp\_enqueue\_style( 'font-awesome-four' );237                break;238            case 'none':239                break;240            case 'other':241                wp\_register\_style( 'font-awesome-four', $settings\[ 'stylesheet\_location' \], array(), self::$defaults\[ 'version' \], 'all' );242                wp\_enqueue\_style( 'font-awesome-four' );243                break;244        }245    }246247    public static function write\_log( $log ){248        if( is\_array( $log ) || is\_object( $log ) ){249            error\_log( print\_r( $log, true ) );250        } else {251            error\_log( $log );252        }253    }254    255}256$n9m\_font\_awesome\_four \= new FontAwesomeFour();257258register\_uninstall\_hook( \_\_FILE\_\_, array( 'FontAwesomeFour', 'register\_uninstall\_hook' ) );

CVE-2023-4718: n9m-font-awesome-4.php in font-awesome-4-menus/trunk – WordPress Plugin Repository

A vulnerability classified as problematic was found in TOTVS RM 12.1. Affected by this vulnerability is an unknown functionality of the component Portal. The manipulation of the argument d leads to cross site scripting. The attack can be launched remotely. The identifier VDB-238573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2023-4710

A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-238572. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2023-4709

A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been declared as problematic. This vulnerability affects unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. VDB-238570 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2023-4707

SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions.

Tag

#xss