OPEN-BRAIN WordPress Plugin Stored Cross-Site Scripting Vulnerability
Vulnerability
A stored cross-site scripting vulnerability has been identified in the OPEN-BRAIN plugin for WordPress, affecting all versions through 0.5.0. The issue arises from inadequate input sanitization and output escaping in the 'API Key' settings field. The plugin attempts to sanitize the input by removing HTML tags, but it does not encode double quotes and other HTML-special characters, which is required for safe output in an HTML attribute context. As a result, arbitrary web scripts can be injected through the API key value. The injected script executes whenever a user accesses the plugin's settings page, which makes this a persistent cross-site scripting risk.
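The gap between tag stripping and attribute-context encoding described above, as an added example that is not the OPEN-BRAIN plugin's code. The function names, the `api_key` field name, the use of `strip_tags()` as the stand-in for the plugin's tag removal, and the sample value are assumptions; the sample uses a harmless marker attribute to show the value leaving the `value` attribute.

```php
<?php
// Added illustration; not the plugin's code. All function names are hypothetical.

// Weak pattern: HTML tags are removed, but the result is placed into an
// attribute without encoding quotes.
function render_field_weak(string $stored): string {
    return '<input type="text" name="api_key" value="' . strip_tags($stored) . '">';
}

// Hardened pattern: encode for the attribute context at output time.
// Inside WordPress, esc_attr() is the function to use for this.
function render_field_escaped(string $stored): string {
    $encoded = htmlspecialchars($stored, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="api_key" value="' . $encoded . '">';
}

// Check: parse the rendered markup and list the attribute names the
// browser would see on the <input> element.
function input_attributes(string $html): array {
    $doc = new DOMDocument();
    $doc->loadHTML($html, LIBXML_NOERROR | LIBXML_NOWARNING);
    $input = $doc->getElementsByTagName('input')->item(0);
    $names = [];
    foreach ($input->attributes as $attr) {
        $names[] = $attr->name;
    }
    return $names;
}

// Constructed sample: contains no tags, so tag stripping leaves it unchanged.
$sample = 'sk-test" data-injected="1';

echo "weak:    ", implode(', ', input_attributes(render_field_weak($sample))), PHP_EOL;
echo "escaped: ", implode(', ', input_attributes(render_field_escaped($sample))), PHP_EOL;
```

Any attribute name beyond `type`, `name` and `value` in the parsed output means the stored value was able to add markup of its own; the same check can be pointed at a settings form's rendered HTML during review.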
Impact
Exploitation of this vulnerability allows authenticated users with Administrator-level access to inject and execute arbitrary scripts in the context of the user viewing the plugin settings.
Reproduction
To reproduce this vulnerability, an authenticated user with Administrator privileges can navigate to the OPEN-BRAIN plugin settings page. Once there, they can inject a script into the 'API Key' field by including double quotes followed by a JavaScript event handler. After saving the changes, the injected script will execute when the settings page is accessed.
