Computer Repair Shop is vulnerable to stored XSS. When a user has admin capabilities, malicious code can be submitted through the plugin’s options. Fixed in version 2.0.
Proof of concept
The plugin’s options provided a basic HTML validation, which could be bypassed by copying + pasting malicious code into the text-field. The last character would be stripped from the code. After posting, malicious code could be executed by the browser.
Proof of concept video: https://youtu.be/qulQTOqAyL4
Plugin name: Computer Repair Shop
Plugin URL: https://wordpress.org/plugins/computer-repair-shop/
Plugin Author: WebfulCreations
- Friday 10th of january 2020: Vulnerability detected by Jeroen Mulder. Plugin’s author notified
- Saturday 11th of january 2020: Vulnerability fixed by the author in version 2.0
- Monday 13th of january 2020: Vulnerability made public on wpvulndb.com