CVE-2021-47924
Status: Received - Intake
Stored XSS in Ultimate Product Catalog via Price Parameter

Publication date: 2026-05-10

Last updated on: 2026-05-10

Assigner: VulnCheck

Description
Ultimate Product Catalog 5.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the price parameter. Attackers can submit POST requests to post.php with HTML/JavaScript payloads in the price field to execute arbitrary code when the product is viewed.
Meta Information
Generated: 2026-05-10
AI Q&A: 2026-05-10
EPSS Evaluated: N/A
Affected Vendors & Products (1 associated CPE)
Vendor: etoile_web_design
Product: ultimate_product_catalog
Version / Range: to 5.8.2 (exc)
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

The vulnerability in Ultimate Product Catalog version 5.8.2 is a stored cross-site scripting (XSS) flaw. It allows authenticated attackers to inject malicious scripts through the price parameter by submitting POST requests to post.php with HTML or JavaScript payloads. When the product page is viewed, the injected code executes arbitrary scripts.

This occurs because the input in the price field is not properly neutralized during web page generation, making it possible to embed harmful code that runs in the context of the website.


How can this vulnerability impact me?

This vulnerability can impact you by allowing attackers to execute arbitrary code in the context of your website when users view affected product pages. This can lead to unauthorized actions such as stealing user session data, defacing the website, or redirecting users to malicious sites.

Since the attack requires authentication, it implies that an attacker with some level of access can exploit this to escalate their impact, potentially compromising the integrity and trustworthiness of your product catalog.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for POST requests to the file post.php that include suspicious HTML or JavaScript payloads in the price parameter.

A practical approach is to inspect web server logs or use network monitoring tools to filter POST requests targeting post.php with the price field containing script tags or other HTML/JavaScript code.

  • Use grep or similar command-line tools to search web server logs for POST requests to post.php with suspicious content, for example:
    grep -i 'POST /post.php' /var/log/apache2/access.log | grep -E 'price=.*<script|price=.*<.*>'
  • Use intrusion detection systems (IDS) or web application firewalls (WAF) to detect and alert on POST requests containing script tags or suspicious payloads in the price parameter.
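Two things limit the grep above in practice: a standard access log records the request line, not the POST body, so a price value sent in the body never reaches the log at all, and a URL-encoded value (%3Cscript%3E) does not match a literal <script pattern even when the parameter is in the query string. The script below is an added example, not part of this advisory or of the plugin. It assumes a hypothetical log source that records method, path and raw form body on one line (the kind of record a WAF or audit log produces) and URL-decodes the price value before classifying it; the log lines are constructed for the example.

```python
"""Added example (not from the advisory or the plugin): scan body-logging records
for POST /post.php requests whose price parameter carries markup or is not a price."""
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qs, urlsplit

# Constructed sample records in a hypothetical "METHOD PATH BODY" format,
# where BODY is the raw form body or "-" when absent. Not real plugin traffic.
SAMPLE_LOG = """\
POST /post.php price=19.99&name=Widget
POST /post.php price=%3Cscript%3Ealert(1)%3C%2Fscript%3E&name=Widget
POST /post.php?price=%3Ci%3E10%3C%2Fi%3E -
GET /post.php?price=10 -
POST /other.php price=%3Cb%3E10%3C%2Fb%3E
POST /post.php price=ten+dollars
"""

# Anything that could be interpreted as HTML or script once rendered.
MARKUP_RE = re.compile(r"<[^>]*>|javascript:|\bon\w+\s*=", re.IGNORECASE)
# What a legitimate price looks like: optional $, digits, optional 1-2 decimals.
PRICE_RE = re.compile(r"^\s*\$?\d{1,9}(?:[.,]\d{1,2})?\s*$")


def price_values(path: str, body: str) -> List[str]:
    """Return every price= value from the query string and the body, URL-decoded."""
    values: List[str] = []
    for source in (urlsplit(path).query, body):
        if source and source != "-":
            values.extend(parse_qs(source, keep_blank_values=True).get("price", []))
    return values


def classify_price(value: str) -> Optional[str]:
    """Return a reason when the decoded value should be flagged, else None."""
    if MARKUP_RE.search(value):
        return "markup-in-price"
    if not PRICE_RE.match(value):
        return "non-numeric-price"
    return None


def scan(log_text: str) -> List[Dict[str, object]]:
    """Flag POST /post.php records whose decoded price value fails classify_price."""
    findings: List[Dict[str, object]] = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        parts = line.split(" ", 2)
        if len(parts) != 3:
            continue
        method, path, body = parts
        if method != "POST" or urlsplit(path).path != "/post.php":
            continue
        for value in price_values(path, body):
            reason = classify_price(value)
            if reason is not None:
                findings.append({"line": lineno, "reason": reason, "value": value})
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Because the check decodes first and then asks "is this a price at all?", it catches encoded markup as well as free-form text that no legitimate submission would carry, while plain numeric prices produce no alert. Point it at real records by replacing SAMPLE_LOG with whatever your WAF or audit log emits, after adjusting the three-field split to that format.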

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting or monitoring authenticated user access to the Ultimate Product Catalog plugin, especially the functionality that allows submitting data to post.php.

Ensure that input validation and sanitization are applied to the price parameter to prevent injection of malicious scripts.

If possible, update the Ultimate Product Catalog plugin to a version later than 5.8.2 where this vulnerability is fixed.

As a temporary measure, consider disabling or restricting access to the vulnerable functionality until a patch or update is applied.

Implement web application firewall (WAF) rules to block or sanitize POST requests containing suspicious scripts in the price parameter.
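The mitigation advice above comes down to two layers: validate the price on the way in and encode it on the way out. The following is an added example in Python, not the plugin's code, that shows both layers next to the unsafe rendering pattern CWE-79 describes. The in-memory CATALOG dictionary and the product ids are constructed stand-ins for the plugin's product storage.

```python
"""Added example (not the plugin's code): validate the price on input and encode it
on output, shown beside the unsafe rendering pattern that CWE-79 describes."""
import html
import re
from decimal import Decimal
from typing import Dict, Optional

# Allow-list for what a price may look like: optional $, digits, up to 2 decimals.
PRICE_RE = re.compile(r"^\s*\$?(\d{1,9}(?:\.\d{1,2})?)\s*$")

CATALOG: Dict[str, str] = {}  # constructed in-memory stand-in for the product table


def parse_price(raw: str) -> Optional[Decimal]:
    """Return the price as a Decimal, or None if the input is anything but a price."""
    match = PRICE_RE.match(raw)
    return Decimal(match.group(1)) if match else None


def save_product(product_id: str, raw_price: str) -> bool:
    """Input validation: reject the submission instead of storing free-form text."""
    price = parse_price(raw_price)
    if price is None:
        return False
    CATALOG[product_id] = f"{price:.2f}"  # only the canonical form is stored
    return True


def render_price_unsafe(stored: str) -> str:
    """The CWE-79 pattern: stored text placed into the page unchanged."""
    return f'<span class="price">{stored}</span>'


def render_price_safe(stored: str) -> str:
    """Output encoding: whatever is stored is shown as text, never as markup."""
    return f'<span class="price">{html.escape(stored, quote=True)}</span>'


if __name__ == "__main__":
    submitted = "<b>10</b>"
    print(save_product("widget", submitted))   # False: rejected at input
    print(render_price_unsafe(submitted))      # markup survives into the page
    print(render_price_safe(submitted))        # markup rendered inert
```

Keeping both layers matters: validation stops bad values from being stored, and output encoding protects pages that render values which were stored before the fix or that reach the template through another path. A WAF rule that blocks the same non-numeric pattern at the edge is the third, temporary layer the advice above mentions.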

