跳转到帖子

游客您好,欢迎来到黑客世界论坛!您可以在这里进行注册。

赤队小组-代号1949(原CHT攻防小组)在这个瞬息万变的网络时代,我们保持初心,创造最好的社区来共同交流网络技术。您可以在论坛获取黑客攻防技巧与知识,您也可以加入我们的Telegram交流群 共同实时探讨交流。论坛禁止各种广告,请注册用户查看我们的使用与隐私策略,谢谢您的配合。小组成员可以获取论坛隐藏内容!

TheHackerWorld官方

Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS)

404 Not Found
404 Not Found
WEB和服务器安全漏洞

精选回复

发布于 
# Exploit Title: Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS)
# Google Dork: inurl:/wp-content/plugins/wp-useronline/
# Date: 2022-08-24
# Exploit Author: UnD3sc0n0c1d0
# Vendor Homepage: https://github.com/lesterchan/wp-useronline
# Software Link: https://downloads.wordpress.org/plugin/wp-useronline.2.88.0.zip
# Category: Web Application
# Version: 2.88.0
# Tested on: Debian / WordPress 6.0.1
# CVE : CVE-2022-2941
# Reference: https://github.com/lesterchan/wp-useronline/commit/59c76b20e4e27489f93dee4ef1254d6204e08b3c

# 1. Technical Description:
The WP-UserOnline plugin for WordPress has multiple Stored Cross-Site Scripting vulnerabilities in versions 
up to, and including 2.88.0. This is due to the fact that all fields in the “Naming Conventions” section do 
not properly sanitize user input, nor escape it on output. This makes it possible for authenticated attackers, 
with administrative privileges, to inject JavaScript code into the setting that will execute whenever a user 
accesses the injected page.
  
# 2. Proof of Concept (PoC):
  a. Install and activate version 2.88.0 of the plugin.
  b. Go to the plugin options panel (http://[TARGET]/wp-admin/options-general.php?page=useronline-settings).
  c. Identify the "Naming Conventions" section and type your payload in any of the existing fields. You can use 
 	 the following payload:
		<script>alert(/XSS/)</script>
  d. Save the changes and now go to the Dashboard/WP-UserOnline option. As soon as you click here, your payload 
  	 will be executed.

Note: This change will be permanent until you modify the edited fields.

 

创建帐户或登录后发表意见

转到主题列表

最近浏览 0

  • 没有会员查看此页面。