WordPress Plugin Smart Slider-3 3.5.0.8 – ‘name’ Stored Cross-Site Scripting (XSS)

• Exploit Database
• 17 阅读

• 作者： Hardik Solanki
  日期： 2021-06-07
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/49958/

• # Exploit Title: WordPress Plugin Smart Slider-3 3.5.0.8 - 'name' Stored Cross-Site Scripting (XSS)
  # Exploit Author: Hardik Solanki
  # Date: 05/06/2021
  # Software Link: https://wordpress.org/plugins/smart-slider-3/
  # Version: 3.5.0.8
  # Tested on Windows
  
  *How to reproduce vulnerability:*
  
  1. Install WordPress 5.7.2
  2. Install and activate the "*Smart Slider 3" Version 3.5.0.8* plugin
  3. Navigate to "*Dashboard* and create a "*New Project*".
  4. Enter the JavaScript payload "*<script>alert(document.cookie)</script>*" into the "*Name*" field.
  5. You will observe that the Project has been created with malicious
  JavaScript payload "<script>alert(document.cookie)</script>" and hence
  project has been* created/stored* and thus JavaScript payload is executing
  successfully.
  
  *XSS IMPACT:*
  1: Steal the cookie
  2: User redirection to a malicious website