Project: Wordpress Plugin Experitus Booking Form 0.4

Vulnerability: #6956623 (2017-12-07 12:52:10)

Warning

Many of these findings are false positives or unexploitable vulnerabilities. Please create a working "PoC" exploit before reporting anything to the vendor!

Details:

Sink PHP::echo
Risk _SERVER
/experitus-form/includes/views/admin.php:30 (show/hide source)
10  	<?php if ( $this->current_tab == 'experitus_credentials' ): ?>
11  		<form method="post" action="options.php">
12  			<?php settings_fields( 'experitus_connection_group' );
13  				do_settings_sections( 'experitus_connection_group' );
14  				submit_button(); ?>
15  		</form>
16  	<?php elseif ( $this->current_tab == 'captcha_credentials' ): ?>
17  		<form method="post" action="options.php">
18  			<?php settings_fields( 'experitus_captcha_group' );
19  				do_settings_sections( 'experitus_captcha_group' );
20  				submit_button(); ?>
21  		</form>
22  	<?php else: ?>
23  		<p style="margin-top: 25px;">
24  			<strong><?php echo __( 'Important!' ); ?></strong>
25  			<?php echo __( 'To publish orders form you have to create a new page (or use an existing one) with a shortcode [experitus_orders_form] in it. Your form will be automatically rendered on this page.' ); ?>
26  		</p>
27  		<p>
28  			<?php echo __( 'If Request Form settings were changed on Experitus you can update them by clicking on a button below.' ); ?>
29  		</p>
30 <form method="post" action="<?php echo esc_url( $_SERVER['REQUEST_URI'] ); ?>">
31 <?php wp_nonce_field( 'experitus_reload_attributes', 'experitus_admin_non_ce' ); ?> 32 <?php submit_button( __( 'Reload form attributes' ), 'primary', 'reload_form_attributes'); ?>
Threat level 0

Callstack:

@INLINE::/experitus-form/includes/views/admin.php /experitus-form/includes/views/admin.php:30 (show/hide source)
10  	<?php if ( $this->current_tab == 'experitus_credentials' ): ?>
11  		<form method="post" action="options.php">
12  			<?php settings_fields( 'experitus_connection_group' );
13  				do_settings_sections( 'experitus_connection_group' );
14  				submit_button(); ?>
15  		</form>
16  	<?php elseif ( $this->current_tab == 'captcha_credentials' ): ?>
17  		<form method="post" action="options.php">
18  			<?php settings_fields( 'experitus_captcha_group' );
19  				do_settings_sections( 'experitus_captcha_group' );
20  				submit_button(); ?>
21  		</form>
22  	<?php else: ?>
23  		<p style="margin-top: 25px;">
24  			<strong><?php echo __( 'Important!' ); ?></strong>
25  			<?php echo __( 'To publish orders form you have to create a new page (or use an existing one) with a shortcode [experitus_orders_form] in it. Your form will be automatically rendered on this page.' ); ?>
26  		</p>
27  		<p>
28  			<?php echo __( 'If Request Form settings were changed on Experitus you can update them by clicking on a button below.' ); ?>
29  		</p>
30 <form method="post" action="<?php echo esc_url( $_SERVER['REQUEST_URI'] ); ?>">
31 <?php wp_nonce_field( 'experitus_reload_attributes', 'experitus_admin_non_ce' ); ?> 32 <?php submit_button( __( 'Reload form attributes' ), 'primary', 'reload_form_attributes'); ?>