Project: Wordpress Plugin WP-Stateless – Google Cloud Storage 2.3.2

Vulnerability: #9253636 (2020-04-26 11:05:36)

Warning

There are many false positives, or unexploitable vulnerabilities. Please create working "PoC" exploit before reporting anything to vendor!

Details:

Sink PHP::echo
Risk _SERVER
/wp-stateless/static/views/setup_wizard_interface.php:2 (show/hide source)
1  <?php
2 $server_name = $_SERVER['HTTP_HOST']?$_SERVER['HTTP_HOST']: $_SERVER["SERVER_NAME"];
3 $id = str_replace('.', '-', $server_name); 4 $project_name = trim(substr($id, 0, 30), '-');
Threat level 0

Callstack:

@INLINE::/wp-stateless/static/views/setup_wizard_interface.php /wp-stateless/static/views/setup_wizard_interface.php:93 (show/hide source)
73                                              <div id="stateless-notification" class="error">
74                                                  
75                                              </div>
76                                              <div class="wpStateLess-single-step-input">
77                                                  <label for="">
78                                                      <h4><?php _e( 'Google Cloud Project', ud_get_stateless_media()->domain ); ?></h4>
79                                                      <p><?php _e( 'By default we create a new project for you, or if you prefer, select an existing project.', ud_get_stateless_media()->domain ); ?></p>
80                                                  </label>
81                                                  <div class="wpStateLess-combo-box project">
82                                                      <input type="hidden" class="id" value="<?php echo $project_id;?>">
83                                                      <input type="text" class="name" value="<?php echo $project_name;?>" placeholder="Select or Create New Project">
84                                                      <div class="circle-loader">
85                                                          <div class="checkmark draw"></div>
86                                                      </div>
87                                                      <div class="wpStateLess-input-dropdown">
88                                                          <div class="wpStateLess-create-new">
89                                                              <h5><?php _e( 'Create New Project', ud_get_stateless_media()->domain ); ?></h5>
90                                                              <ul>
91                                                                  <li class="custom-name"></li>
92                                                                  <li class="predefined-name active" data-id="<?php echo $project_id?>" data-name="<?php echo $project_name?>">
93 <?php echo "$project_name ($project_id)";?>
94 </li> 95 </ul>