Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2021-24115 | CWE-79 | $1,500 | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Jinson Varghese Behanan | High | Remote | 2021-01-13 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L | 0.02192 | 0.50148 |
[-] Title : wp-ticket - wordpress plugin - Cross-Site-Scripting [-] Author : Abolfazl Feyz [-] Vendor : https://github.com/wp-plugins/wp-ticket/archive/master.zip [-] Dork : inurl:wp-content/plugins/wp-ticket-master/ [-] date : 9.January.2021 ------------------------------------ Vulnerable page: /wp-content/plugins/wp-ticket-master/assets/ext/zebraform/process.php ------------------------------------ --------------------------------------------------- Vulnerable source: Line188 : $form = $_GET['form']; Line217 : echo echo $form; ---------------------------------------------------- -------------------------------------------------------- POC : http://site.com/wp-content/plugins/wp-ticket-master/assets/ext/zebraform/process.php?form=[XSS] ====================================== = cantact me = = Telegram ==> Mr_ramkal = = instagram ==> aboolfazl_feyz = = email ==> [email protected] = ======================================
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.