CVE-2012-10018 Scanner

CVE-2012-10018 Scanner - Cross-Site Scripting (XSS) vulnerability in WordPress Mapplic

Short Info

Level: High
Scan type: Single Scan
Can be used by: Asset Owner
Estimated Time: 1 minute
Time Interval: 17 days 13 hours
Scan only one: Domain, Subdomain, IPv4

WordPress Mapplic and Mapplic Lite are popular mapping plugins for the content management system WordPress. These plugins are often used by bloggers, businesses, and developers to enhance their websites by adding interactive maps. With these plugins, admins can create detailed maps with multiple locations, and users can navigate these maps interactively. The ease of integration with WordPress themes and compatibility with various browsers make these plugins a favored choice among web developers and site administrators. Particularly appealing for websites that focus on geographic data or location-based services, these plugins enhance user engagement through visualized data.

The vulnerability in WordPress Mapplic and Mapplic Lite is an authenticated stored cross-site scripting (XSS) issue. An attacker can inject an arbitrary remote URL for an SVG map file. Because the plugins use jQuery's .load() function, the browser fetches the content at that URL and executes it, so any embedded JavaScript runs in the context of the user visiting the page. This XSS can affect both the admin panel and front-end pages, potentially compromising user data and accounts.

The vulnerability stems from inadequate sanitization of SVG file uploads. Authenticated users with author-level permissions can upload SVG files, which can contain embedded JavaScript. When these files are inserted into the DOM using jQuery, the code within the SVG executes, enabling actions such as session hijacking. This particularly affects sensitive operations within the WordPress backend and any page where the map is rendered. The vulnerable code path is the handling of SVG files, and the absence of proper input validation is what makes the attack possible.
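A defensive check for the issue described above, as an added example that is not part of the original page or the plugin's code: it accepts a map-file URL only from an allowlisted origin and refuses SVG text that contains active content. The origin `https://www.example.com`, the function names and the sample SVG strings are assumptions constructed for illustration.

```javascript
// Added example; all names and sample values are constructed for illustration.
const ALLOWED_ORIGINS = new Set(["https://www.example.com"]); // assumed site origin

// Accept a map-file URL only if it resolves to an allowlisted https origin and a .svg path.
function isAllowedMapUrl(raw, base = "https://www.example.com/") {
  let url;
  try {
    url = new URL(raw, base); // resolves relative and protocol-relative forms
  } catch {
    return false;
  }
  if (url.protocol !== "https:") return false; // drops http:, data:, javascript:
  if (url.username || url.password) return false; // drops userinfo tricks
  if (!ALLOWED_ORIGINS.has(url.origin)) return false;
  return url.pathname.toLowerCase().endsWith(".svg");
}

// Conservative reject list for SVG text. This is a pre-filter that refuses
// suspicious files; it is not a sanitizer and may reject some harmless files.
const ACTIVE_PATTERNS = [
  ["script element", /<\s*script\b/i],
  ["foreignObject element", /<\s*foreignObject\b/i],
  ["event-handler attribute", /[\s\/"']on[a-z]+\s*=/i],
  ["javascript: URL", /href\s*=\s*["']?\s*javascript:/i],
];

function findActiveSvgContent(svgText) {
  return ACTIVE_PATTERNS.filter(([, re]) => re.test(svgText)).map(([name]) => name);
}

// Combined gate to run before a map file is stored or inserted into the DOM.
function checkMapFile(rawUrl, svgText) {
  if (!isAllowedMapUrl(rawUrl)) return { ok: false, reasons: ["URL not on allowlist"] };
  const reasons = findActiveSvgContent(svgText);
  return { ok: reasons.length === 0, reasons };
}

// Constructed sample inputs.
const CLEAN_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><path id="region-1" d="M0 0h10v10z"/></svg>';
const ACTIVE_SVG = '<svg xmlns="http://www.w3.org/2000/svg" onload="void 0"><script>/* constructed */</script></svg>';

console.log(checkMapFile("/wp-content/uploads/map.svg", CLEAN_SVG));
console.log(checkMapFile("/wp-content/uploads/map.svg", ACTIVE_SVG));
console.log(checkMapFile("https://other.test/map.svg", CLEAN_SVG));
```

The same gate belongs on the server side when the map setting is saved, since a client-side check alone does not protect visitors from a value that is already stored.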

When successfully exploited, this vulnerability can have severe repercussions. The execution of malicious scripts may lead to session hijacking, allowing attackers to impersonate legitimate users. It could enable privilege escalation attacks or complete takeovers of the affected WordPress sites. Additionally, malicious actors could potentially extract sensitive data, manipulate content, or introduce further security threats. Given the potential scope of impact, addressing this vulnerability is crucial to maintaining site security and integrity.
