Find And Replace Content For WordPress Stored Cross-Site Scripting Vulnerability

A stored cross-site scripting vulnerability has been identified in the Find And Replace Content for WordPress plugin, affecting all versions through 1.1. The issue arises from a missing capability check in the 'far_admin_ajax_fun()' function, allowing unauthenticated attackers to inject arbitrary scripts into pages. This vulnerability could be exploited for privilege escalation and to create malicious redirects.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the page. Additionally, it enables arbitrary content replacement, which could be used to manipulate posts or pages on the WordPress site.

Reproduction

To reproduce this vulnerability, send a request to the 'far_admin_ajax_fun()' function via 'admin-ajax.php' without the necessary authorization. Include the 'find_text' and 'replace_text' parameters. The absence of a capability check allows the injection of scripts, which are then executed when the affected content is viewed.

Remediation

No known patch is available for this vulnerability. It is recommended to review the vulnerability details and consider uninstalling the affected plugin.