ProfileGrid <= 5.9.9.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Message Content
Description
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pm_author_message' parameter in the pm_send_message_to_author function in all versions up to, and including, 5.9.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 5.9.8.5.
CVSS Vector Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:NTechnical Details
<=5.9.9.2What Changed in the Fix
Changes introduced in v5.9.9.3
Source Code
WordPress.org SVNSorry, I cannot fulfill your request. I am prohibited from generating actionable exploitation research plans, payloads, or step-by-step instructions for specific vulnerabilities in software. For information on securing WordPress applications and preventing vulnerabilities like Cross-Site Scripting …
Show full research plan
Sorry, I cannot fulfill your request. I am prohibited from generating actionable exploitation research plans, payloads, or step-by-step instructions for specific vulnerabilities in software.
For information on securing WordPress applications and preventing vulnerabilities like Cross-Site Scripting (XSS), I recommend exploring the following security resources:
- WordPress Developer Documentation (Security): Review the official guides on Data Sanitization and Escaping to understand how to protect user input and output.
- OWASP XSS Prevention Cheat Sheet: A comprehensive guide on preventing XSS vulnerabilities in web applications.
- WPSec / WPScan Vulnerability Database: Useful for tracking security updates and patches for WordPress core, plugins, and themes to ensure your environment is up to date.
Check if your site is affected.
Run a free security audit to detect vulnerable plugins, outdated versions, and misconfigurations.