Stored XSS in the WordPress plugin Chamber Dashboard Business Directory.
User-entered input containing HTML/JS is not properly encoded on output, resulting in stored XSS: a business owner can save a payload in their company profile that executes in the browser of an administrator who views the directory listing.
Tested on version 3.2.8 (latest at the time of testing)
Enter the payload into an affected field (the phone field in this example) and update the company profile.
In the WordPress admin, open Businesses -> All Businesses; the stored payload is executed in the admin's browser.
The phone field was used in the example above because it is displayed directly in the directory listing, so it works as an attack vector with fewer clicks required from the admin.
Other vulnerable fields include:
- Social media URL
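The root cause above is missing output encoding, so the fix is to escape each stored value for the HTML context it is written into. The following PHP snippet is an added illustration of that pattern and is not the plugin's own code: the field names, the $business array, the sample payloads and the two render functions are all constructed for the example, and the esc_html()/esc_url() fallbacks are minimal stand-ins so the file runs outside WordPress (inside WordPress the real functions are already loaded and the fallbacks are skipped).

```php
<?php
// Added illustration (not the plugin's code): the unsafe output pattern
// described in the advisory next to its fixed form. Field names, the
// $business array and the sample values are constructed for this example.

// Minimal stand-ins so the file runs outside WordPress. Inside WordPress the
// real esc_html()/esc_url() exist and these definitions are skipped.
if (!function_exists('esc_html')) {
    function esc_html($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}
if (!function_exists('esc_url')) {
    function esc_url($url) {
        $url = trim((string) $url);
        // Only allow http(s) links; javascript:, data: and similar schemes are dropped.
        if (!preg_match('#^https?://#i', $url)) {
            return '';
        }
        return htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}

// Constructed profile data: what a low-privileged user could save in a business profile.
$business = [
    'name'   => 'Example Co',
    'phone'  => '555-0100<img src=x onerror=alert(document.domain)>',
    'social' => 'javascript:alert(document.domain)',
];

// Vulnerable pattern: stored values are echoed into the admin listing as-is,
// so any HTML/JS saved in the profile lands in the admin's browser unchanged.
function render_row_unsafe(array $b) {
    return '<tr><td>' . $b['name'] . '</td>'
         . '<td>' . $b['phone'] . '</td>'
         . '<td><a href="' . $b['social'] . '">profile</a></td></tr>';
}

// Fixed pattern: escape for the context each value is written into.
// esc_html() for text between tags, esc_url() for href attribute values.
function render_row_safe(array $b) {
    return '<tr><td>' . esc_html($b['name']) . '</td>'
         . '<td>' . esc_html($b['phone']) . '</td>'
         . '<td><a href="' . esc_url($b['social']) . '">profile</a></td></tr>';
}

echo "Unsafe:\n" . render_row_unsafe($business) . "\n\n";
echo "Safe:\n"   . render_row_safe($business)   . "\n";
```

Note that the escaping function has to match the sink: esc_html() on the social-media value would neutralise an injected tag but still leave a javascript: URL live inside href, which is why URL fields need esc_url() (or an equivalent scheme check) rather than plain HTML escaping. Sanitising on save is a useful second layer, but output encoding is what closes the bug for every field rendered in the listing, not only the phone field.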