ByteOS Network

▼CVE Numbering Authority (CNA)

Buy Me a Coffee – Button and Widget Plugin <= 3.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The "Buy Me a Coffee – Button and Widget Plugin" plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 3.6 due to insufficient sanitization and escaping on the 'text value set via the bmc_post_reception action. This makes it possible for authenticated attackers, with subscriber-level permissions, and above to inject arbitrary web scripts into pages that execute whenever a victim accesses a page with the injected scripts.

Affected Products

Vendor

buymeacoffee

Product

Buy Me a Coffee – Button and Widget Plugin

Default Status

unaffected

Versions

Affected

From 0 through 3.6 (semver)

Problem Types

Type	CWE ID	Description
CWE	CWE-79	CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Type: CWE

CWE ID: CWE-79

Description: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Metrics

Version	Base score	Base severity	Vector
3.1	6.4	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Version: 3.1

Base score: 6.4

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Credits

finder

István Márton

Timeline

Event	Date
Disclosed	2023-07-13 00:00:00

Event: Disclosed

Date: 2023-07-13 00:00:00

References

Hyperlink	Resource
https://www.wordfence.com/threat-intel/vulnerabilities/id/ed9f8948-085b-4ac5-befd-c70085aa23cd?source=cve	N/A
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/includes/class-buy-me-a-coffee.php?rev=2319979#L162	N/A
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/admin/class-buy-me-a-coffee-admin.php?rev=2816542	N/A
https://plugins.trac.wordpress.org/changeset?old_path=%2Fbuymeacoffee%2Ftags%2F3.6&old=2922493&new_path=%2Fbuymeacoffee%2Ftags%2F3.7&new=2922493&sfp_email=&sfph_mail=	N/A

Hyperlink: https://www.wordfence.com/threat-intel/vulnerabilities/id/ed9f8948-085b-4ac5-befd-c70085aa23cd?source=cve

Resource: N/A

Hyperlink: https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/includes/class-buy-me-a-coffee.php?rev=2319979#L162

Resource: N/A

Hyperlink: https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/admin/class-buy-me-a-coffee-admin.php?rev=2816542

Resource: N/A

Hyperlink: https://plugins.trac.wordpress.org/changeset?old_path=%2Fbuymeacoffee%2Ftags%2F3.6&old=2922493&new_path=%2Fbuymeacoffee%2Ftags%2F3.7&new=2922493&sfp_email=&sfph_mail=

Resource: N/A

Hyperlink	Resource
https://www.wordfence.com/threat-intel/vulnerabilities/id/ed9f8948-085b-4ac5-befd-c70085aa23cd?source=cve	x_transferred
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/includes/class-buy-me-a-coffee.php?rev=2319979#L162	x_transferred
https://plugins.trac.wordpress.org/browser/buymeacoffee/trunk/admin/class-buy-me-a-coffee-admin.php?rev=2816542	x_transferred
https://plugins.trac.wordpress.org/changeset?old_path=%2Fbuymeacoffee%2Ftags%2F3.6&old=2922493&new_path=%2Fbuymeacoffee%2Ftags%2F3.7&new=2922493&sfp_email=&sfph_mail=	x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References