[webapps] WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting (XSS)
2022-4-19 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:16 收藏

# Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting (XSS)
# Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/
# Date: 2022-04-13
# Exploit Author: UnD3sc0n0c1d0
# Vendor Homepage: http://www.a-j-evolution.com/
# Software Link: https://downloads.wordpress.org/plugin/video-synchro-pdf.1.7.4.zip
# Category: Web Application
# Version: 1.7.4
# Tested on: CentOS / WordPress 5.9.3
# CVE : N/A

# 1. Technical Description:
The plugin does not properly sanitize the nom, pdf, mp4, webm and ogg parameters, allowing 
potentially dangerous characters to be inserted. This includes the reported payload, which 
triggers a persistent Cross-Site Scripting (XSS).
  
# 2. Proof of Concept (PoC):
 a. Install and activate version 1.7.4 of the plugin.
 b. Go to the plugin options panel (http://[TARGET]/wp-admin/admin.php?page=aje_videosyncropdf_videos).
 c. Open the "Video example" or create a new one (whichever you prefer).
 d. Change or add in some of the displayed fields (Name, PDF file, MP4 video, WebM video or OGG video) 
	the following payload:
		" autofocus onfocus=alert(/XSS/)>.
 e. Save the changes. "Edit" button.
 f. JavaScript will be executed and a popup with the text "XSS" will be displayed.

Note: This change will be permanent until you modify the edited field.
            

文章来源: https://www.exploit-db.com/exploits/50874
如有侵权请联系:admin#unsafe.sh