
CVE-2018-5361: WPGlobus plugin Stored XSS & CSRF security vulnerability

CVSS 3.0 Score: 8.8

Basic Information

EPSS Score: 0.65711%
Published: 5/13/2022
Updated: 4/24/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Package Name: wpglobus/wpglobus
Ecosystem: composer
Vulnerable Versions: <= 1.9.6
First Patched Version: 1.9.7

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from two issues in the plugin's options handling:
1) Missing CSRF protection: the options saving routine does not verify a WordPress nonce (wp_nonce), so a forged request submitted from an authenticated administrator's browser is accepted.
2) Inadequate sanitization: several wpglobus_option parameters (enabled_languages, more_languages, etc.) are stored without sanitization, so an XSS payload can be persisted and later rendered in the admin interface.
Together, these flaws in the options persistence mechanism make the __save_options method (or the equivalent options handler) the primary vulnerable function. The exact function names are not disclosed; WordPress plugin conventions and the nature of the vulnerability point to the options handling method in the admin class as the vulnerable component.
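The two root causes above, as an added illustration that is not WPGlobus's own code: a hypothetical PHP options handler in the weak shape the analysis describes (no nonce check, raw POST values stored) next to a hardened one that checks the user's capability and the nonce, whitelists the language values before storing them, and escapes them on output. The option and field names (wpglobus_option, enabled_languages, more_languages) are those named in the analysis; the class names, the nonce action and field names, and the language-code format are assumptions made for this example.

```php
<?php
/**
 * Added example, not WPGlobus code. Option and field names come from the
 * advisory; class names, nonce names and the language-code format are assumed.
 */

// --- Weak pattern: the two root-cause issues the analysis describes ---------
class Weak_Options_Handler {
    public function save_options() {
        // No capability check and no nonce check: any request that reaches this
        // handler from a logged-in admin's browser is accepted (CSRF).
        $opts = array(
            // Raw POST data is stored unchanged, so a value containing markup
            // such as <script> is persisted and rendered later (stored XSS).
            'enabled_languages' => $_POST['enabled_languages'],
            'more_languages'    => $_POST['more_languages'],
        );
        update_option( 'wpglobus_option', $opts );
    }
}

// --- Hardened pattern ------------------------------------------------------
class Hardened_Options_Handler {
    const NONCE_ACTION = 'wpglobus_save_options'; // assumed name
    const NONCE_FIELD  = 'wpglobus_nonce';        // assumed name

    /** Emit the hidden field that ties the form to the current user's session. */
    public function render_nonce_field() {
        wp_nonce_field( self::NONCE_ACTION, self::NONCE_FIELD );
    }

    public function save_options() {
        // 1) Authorization: only users allowed to manage options may proceed.
        if ( ! current_user_can( 'manage_options' ) ) {
            wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
        }
        // 2) CSRF: reject any submission without a valid nonce for this action.
        $nonce = isset( $_POST[ self::NONCE_FIELD ] )
            ? sanitize_text_field( wp_unslash( $_POST[ self::NONCE_FIELD ] ) )
            : '';
        if ( ! wp_verify_nonce( $nonce, self::NONCE_ACTION ) ) {
            wp_die( 'Invalid request', '', array( 'response' => 403 ) );
        }
        // 3) Sanitization: only values matching the expected shape are kept.
        $opts = array(
            'enabled_languages' => self::sanitize_language_list( $_POST['enabled_languages'] ?? array() ),
            'more_languages'    => self::sanitize_language_list( $_POST['more_languages'] ?? array() ),
        );
        update_option( 'wpglobus_option', $opts );
    }

    /** Keep only strings that look like language codes ("en", "pt_BR"); assumed format. */
    public static function sanitize_language_list( $raw ) {
        $clean = array();
        foreach ( (array) $raw as $code ) {
            $code = sanitize_text_field( wp_unslash( (string) $code ) );
            if ( preg_match( '/^[a-z]{2,3}(_[A-Z]{2})?$/', $code ) ) {
                $clean[] = $code;
            }
        }
        return array_values( array_unique( $clean ) );
    }

    /** 4) Output escaping: never trust stored values when rendering the settings page. */
    public function render_language_options( array $selected ) {
        foreach ( $selected as $code ) {
            printf(
                '<option value="%1$s" selected>%1$s</option>',
                esc_attr( $code )
            );
        }
    }
}
```

If the plugin registers its option through the Settings API (so that wp-admin/options.php handles the form), the same whitelist belongs in the sanitize_callback passed to register_setting(), since that callback runs on every save regardless of which form submitted the data. Escaping on output remains necessary even then, because options can also be written by other code paths.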

Vulnerable functions


WAF Protection Rules

WAF Rule

The WPGlobus plugin (versions up to 1.9.6) for WordPress has CSRF via `wp-admin/options.php`.
