WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS)

2021.04.27
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

|=========================================================================== | # Exploit Title : WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS) | | # Author : Ali Seddigh | | # Category : Web Application | | # Software Link : https://wordpress.org/plugins/rss-for-yandex-turbo/ | | # Tested on : [ Windows ~> 10 , Kali Linux] | | # Version: 1.29 | | # Date : 2021-04-27 |=========================================================================== # POC : 1. Install WordPress 5.6 2. Install and activate "RSS for Yandex Turbo" plugin. 3. Navigate to Setting >> Яндекс.Турбо >> Счетчики and enter the data into all the six user input field and submit the request. 4. Capture the request into burp suite and append the following mentioned JavaScript payloads (one payload per parameter) "+onmouseover="alert(1) "+onmouseover="alert(2) "+onmouseover="alert(3) "+onmouseover="alert(4) "+onmouseover="alert(5) "+onmouseover="alert(6) 5. You will observe that the payloads got successfully stored into the database and when you move the mouse cursor over these fields the JavaScript payloads get executed successfully and we get a pop-up. |=========================================================================== | # Discovered By : Ali Triplex |===========================================================================


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top