Project: Wordpress Plugin YITH WooCommerce Wishlist 2.2.0

Vulnerability: #7371192 (2018-01-12 23:22:17)

Warning

Many findings are false positives or are not exploitable in practice. Build a working proof-of-concept exploit before reporting anything to the vendor.

Details:

Sink: `extract()` (Standard::extract), reached in `yit_panel()` at line 138.
Source: `$_REQUEST['tab']`, returned by `get_current_tab()` at line 208. Caveat for triage: the array handed to `extract()` has keys set by the plugin itself (plus whatever `yith_admin_tab_params` filter callbacks add), not by the request; the only request-derived value is `current_tab`, and `get_current_tab()` returns it only when `in_array()` finds it among `get_available_tabs()` (a non-strict comparison, no third argument) and `$pagenow == 'admin.php'`, i.e. inside an admin settings-page callback. Whether any tab slug loosely compares equal to a crafted value cannot be determined from this excerpt.
Location: /yith-woocommerce-wishlist/plugin-fw/lib/yit-plugin-panel-wc.php:208
188              }
189  
190              $screen_ids[] = $admin_page_hooks[ $this->settings[ 'parent_page' ] ] . '_page_' . $this->settings[ 'page' ];
191  
192              return $screen_ids;
193          }
194  
195          /**
196           * Returns current active tab slug
197           *
198           * @return string
199           * @since    2.0.0
200           * @author   Andrea Grillo      <andrea.grillo@yithemes.com>
201           * @author   Antonio La Rocca   <antonio.larocca@yithemes.com>
202           */
203          public function get_current_tab() {
204              global $pagenow;
205              $tabs = $this->get_available_tabs();
206  
207              if ( $pagenow == 'admin.php' && isset( $_REQUEST[ 'tab' ] ) && in_array( $_REQUEST[ 'tab' ], $tabs ) ) {
208 return $_REQUEST[ 'tab' ];
209 } else { 210 return $tabs[ 0 ];
Threat level 2

Callstack:

YIT_Plugin_Panel_WooCommerce::yit_panel — /yith-woocommerce-wishlist/plugin-fw/lib/yit-plugin-panel-wc.php:138
118           * Show a tabbed panel to setting page
119           *
120           * a callback function called by add_setting_page => add_submenu_page
121           *
122           * @return   void
123           * @since    1.0
124           * @author   Andrea Grillo      <andrea.grillo@yithemes.com>
125           * @author   Antonio La Rocca   <antonio.larocca@yithemes.com>
126           */
127          public function yit_panel() {
128              $additional_info = array(
129                  'current_tab'    => $this->get_current_tab(),
130                  'available_tabs' => $this->settings[ 'admin-tabs' ],
131                  'default_tab'    => $this->get_available_tabs( true ), //get default tabs
132                  'page'           => $this->settings[ 'page' ]
133              );
134  
135              $additional_info                      = apply_filters( 'yith_admin_tab_params', $additional_info );
136              $additional_info[ 'additional_info' ] = $additional_info;
137  
138 extract( $additional_info );
139 require_once( YIT_CORE_PLUGIN_TEMPLATE_PATH . '/panel/woocommerce/woocommerce-panel.php' ); 140 }