Official Integration for Billingo by PWS Online Kft.

Official Integration for Billingo by PWS Online Kft. <= 3.3.9 - ShopManager+ Stored XSS

LANACOMMONVDB ID: 2dc99254-1f3d-4b84-8a6b-72bc89cbaa1d

The plugin does not sanitize and escape some of its settings, which could allow high privilege users with a role as low as Shop Manager to perform Stored Cross-Site Scripting (XSS) attacks.

Proof of Concept

Put the following payload in the WooCommerce > Settings > Billingo > E-mail Beállítások > Gomb szöveg field (in the table):

<script>alert(/XSS/);</script>

References

Source Code: https://wordpress.org/plugins/billingo/

CVE: CVE-2022-3420

Attributes

Catgory: WordPress Plugin

Discovered: 2022-09-07

Published: 2022-10-10

Affected Version: <= 3.3.9

Classification

Type: Cross-Site Scripting (XSS)

Researcher

Name: István Márton

Email: [email protected]