All-In-One-WP-Migration-With-Import icon indicating copy to clipboard operation
All-In-One-WP-Migration-With-Import copied to clipboard

Published 20 hours ago verified publisher icon d0n601

Fixing the XSS vulnerability?

Open v-marinkov opened this issue 4 years ago • 3 comments

Hi, I have been using a similarly modified version of the plugin for a while now. I found out that versions below 6.97 have a XSS vulnerability. Do you think it can be fixed?

To be fair, the vulnerability is not so critical since it requires the attacker to already have access to the database or backend.

v-marinkov avatar Jan 14 '21 13:01 v-marinkov

Do you have a reference to the XSS? Like a CVE or anything I can look at?

d0n601 avatar Feb 25 '21 01:02 d0n601

Not sure if this helps but in the link I posted above this is listed: CWE-79 https://cwe.mitre.org/data/definitions/79.html

v-marinkov avatar Feb 25 '21 18:02 v-marinkov

@v-marinkov thank you, that's good info. I don't think the vulnerability is critical enough to be concerned about using the plugin with it present. As you said, in order to exploit it an attacker would already have to have gained access to a user's account with permissions to modify backups.

Honestly, unless there's an automated backup process using the plugin, I'd just install it to backup/import, and then remove it again until it's time to use it, then reinstall it. I've always held to the philosophy to keep as few plugins on an installation as necessary.

I like to tinker with things like this though, so I'll probably try to recreate the exploit in the CWE you posted, and try to patch the code in this repo to prevent it. No guarantees on when I'll get to that, but it sounds neat and I appreciate you bringing it up.

d0n601 avatar Feb 25 '21 18:02 d0n601