Impact
The Shariff for WordPress plugin up to version 1.0.11 fails to sanitize or escape the shariff_infourl setting before rendering it in the front‑end. This flaw allows a user with administrative privileges to store a malicious value that is then embedded directly into the page output as part of the Shariff widget. The result is a stored Cross‑Site Scripting vulnerability that can execute arbitrary JavaScript in the browsers of visitors who view pages containing the widget.
Affected Systems
The affected product is the Shariff for WordPress plugin version 1.0.11 and earlier. Any installation that has the plugin enabled and allows administrators or other highly privileged users to edit the shariff_infourl setting is at risk.
Risk and Exploitability
Exploitation requires an attacker to already possess administrative or equivalent access to the WordPress site to inject the malicious setting. Once the value is stored, it will be served to all users who load a page with the Shariff widget, regardless of their own privileges. The EPSS score, below 1%, suggests a low probability of exploitation in the wild, and the CVSS score of 4.8 places the vulnerability in the moderate severity range. It is not listed in the CISA KEV catalog. The attack vector is inferred to be the WordPress admin interface where the malicious string is entered; no additional interaction by visitors is required beyond viewing the affected page.
OpenCVE Enrichment