FS Product Inquiry <= 1.1.1 - Reflected XSS
Description
Reflected XSS in the FS Product Inquiry plugin <=1.1.1 lets attackers inject arbitrary web scripts via an unsanitized parameter, risking admin session theft.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The FS Product Inquiry WordPress plugin through version 1.1.1 fails to sanitize and escape a parameter before outputting it back in the page. This leads to a Reflected Cross-Site Scripting (XSS) vulnerability. The affected versions are all versions up to and including 1.1.1, as no fix has been released [1].
Exploitation
An attacker can craft a malicious URL that includes the unsanitized parameter, and then trick a user (including high-privilege users such as administrators, or unauthenticated users) into visiting that URL. The injected script executes in the context of the vulnerable WordPress site. No special authentication or network position is required beyond the ability to deliver the crafted link to the victim [1].
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the victim's browser. This can lead to theft of session cookies, exfiltration of sensitive data, or actions performed on behalf of the victim, potentially resulting in full compromise of the affected WordPress site through an administrator account [1].
Mitigation
No official fix or patched version has been released by the plugin vendor as of the publication date (2024-06-04). The plugin is marked with no known fix [1]. Users should consider disabling or removing the plugin until a patched version is made available. No workarounds are documented in the available references.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- WordPress/FS Product Inquiry
- Range: <=1.1.1
Patches
No patches discovered yet.
References
[1] wpscan.com/vulnerability/6cf90a27-55e2-4b2c-9df1-5fa34c1bd9d1/ (mitre, exploit, vdb-entry, technical-description)