Authenticated (Editor+) Stored Cross-Site Scripting
I’m seeing a Wordfence critical warning for this plugin:
AnsPress – Question and answer <= 4.3.0 – Authenticated (Editor+) Stored Cross-Site Scripting
The AnsPress – Question and answer plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Do you plan to fix this problem? Do you have an estimate of when a fix may be available?
My client (and I’m sure many others) like this plugin and are put in a difficult situation of having to decide whether to deactivate or replace it.
Thanks!