Users Ultra [Persistence XSS]
The WordPress plugin Users Ultra suffers from a persistent (stored) XSS vulnerability.
Once a user is registered, he can add new subscription packages or modify existing ones. No data sanitization takes place before the package details are saved to the database, which allows a malicious user to include JavaScript code in the package name and/or package description.
- Send a POST request to http://vuln.site.tld/wp-admin/admin.php?page=userultra&tab=membership as admin, or go to the page that contains the package information at the front end.
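The following is an added illustration written for this advisory, not the Users Ultra plugin's own code: a hypothetical package save handler in the unsanitized form the report describes, next to a hardened version that checks capability and nonce, sanitizes on input and escapes on output. The table name, column names and nonce action are assumptions.

```php
<?php
// Hypothetical handler (not Users Ultra code). Assumes a custom table
// {$wpdb->prefix}uu_packages with plain-text 'name' and 'description' columns.

// VULNERABLE: request values are stored verbatim, so any markup placed in the
// package name or description is later rendered as HTML wherever it is shown.
function uu_save_package_vulnerable( array $request ) {
    global $wpdb;
    $wpdb->insert(
        $wpdb->prefix . 'uu_packages',
        array(
            'name'        => $request['package_name'],
            'description' => $request['package_description'],
        )
    );
}

// HARDENED: only privileged users may save, the request carries a valid nonce,
// and the fields are reduced to plain text before they reach the database.
function uu_save_package_hardened( array $request ) {
    global $wpdb;
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges.' );
    }
    check_admin_referer( 'uu_save_package' ); // nonce action name is assumed
    $wpdb->insert(
        $wpdb->prefix . 'uu_packages',
        array(
            'name'        => sanitize_text_field( $request['package_name'] ),
            'description' => sanitize_textarea_field( $request['package_description'] ),
        ),
        array( '%s', '%s' )
    );
}

// Output side: escape for the HTML context even though input was sanitized,
// so a record written before the fix (or by another code path) is still inert.
function uu_render_package( $package ) {
    echo '<h3>' . esc_html( $package->name ) . '</h3>';
    echo '<p>' . nl2br( esc_html( $package->description ) ) . '</p>';
}
```

Sanitizing on save alone does not protect existing rows; escaping at render time covers package records that were stored before the fix.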
- Requested CVE ID
- Vendor notified via email
- Requested CVE ID (no response from 2015-10-20)
- Vendor notified via the contact form on his website
- Vendor notified via the support forums at wordpress.org
- Vendor responded and received the report through email
- Requested CVE ID (no response from 2015-11-11)