WordPress Plugin Schreikasten 0.14.13 – Cross-Site Scripting

• Exploit Database
• 16 阅读

• 作者： Henry Hoggard
  日期： 2012-06-20
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/19294/

• # Title: WordPress Schreikasten 0.14.13 XSS
  # Date: 5/6/12
  # Author: Henry Hoggard
  # Author URL: henryhoggard.co.uk
  # Author Twitter: @henryhoggard
  # http://wordpress.org/extend/plugins/schreikasten/
  
  Post your XSS in either the name or content fields and the XSS will appear on the homepage.
  
  Post your XSS as the poll title.
  
  The XSS I used is
  <script>alert('xss')</script>
  
  #############################################################