Jump to content

Wordpress 插件 3dady 实时网络统计 1.0 - 存储型跨站脚本 (XSS)


0X01001

Recommended Posts


  • Group:  Members
  • Content Count:  4
  • Achievement Points:  36
  • With Us For:  74 Days
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows

# Exploit Title: Wordpress Plugin 3dady real-time web stats 1.0 - Stored Cross Site Scripting (XSS)
# Google Dork: inurl:/wp-content/plugins/3dady-real-time-web-stats/
# Date: 2022-08-24
# Exploit Author: UnD3sc0n0c1d0
# Vendor Homepage: https://profiles.wordpress.org/3dady/
# Software Link: https://downloads.wordpress.org/plugin/3dady-real-time-web-stats.zip
# Category: Web Application
# Version: 1.0
# Tested on: Debian / WordPress 6.0.1
# CVE : N/A

# 1. Technical Description:
The 3dady real-time web stats WordPress plugin is vulnerable to stored XSS. Specifically in the dady_input_text 
and dady2_input_text fields because the user's input is not properly sanitized which allows the insertion of 
JavaScript code that can exploit the vulnerability.
  
# 2. Proof of Concept (PoC):
  a. Install and activate version 1.0 of the plugin.
  b. Go to the plugin options panel (http://[TARGET]/wp-admin/admin.php?page=3dady).
  c. Insert the following payload in any of the visible fields (dady_input_text or dady2_input_text):
		" autofocus onfocus=alert(/XSS/)>
  d. Save the changes and immediately the popup window demonstrating the vulnerability (PoC) will be executed.

  Note: This change will be permanent until you modify the edited fields.
  • Like 1
Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...