34c9d56d78
5 changes to exploits/shellcodes Online Pre-owned/Used Car Showroom Management System 1.0 - SQLi Authentication Bypass Online Magazine Management System 1.0 - SQLi Authentication Bypass WordPress Plugin All-in-One Video Gallery plugin 2.4.9 - Local File Inclusion (LFI) WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting (XSS) (Authenticated) WordPress Plugin DZS Zoomsounds 6.45 - Arbitrary File Read (Unauthenticated)
19 lines
No EOL
919 B
Text
19 lines
No EOL
919 B
Text
# Exploit Title: WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting (XSS) (Authenticated)
|
|
# Date: 02/12/2021
|
|
# Exploit Author: Abdurrahman Erkan (@erknabd)
|
|
# Vendor Homepage: https://soliloquywp.com/
|
|
# Software Link: https://wordpress.org/plugins/soliloquy-lite/
|
|
# Version: 2.6.2
|
|
# Tested on: Kali Linux 2021 - Firefox 78.7, Windows 10 - Brave 1.32.113, WordPress 5.8.2
|
|
|
|
# Proof of Concept:
|
|
#
|
|
# 1- Install and activate the Slider by Soliloquy 2.6.2 plugin.
|
|
# 2- Open Soliloquy and use "Add New" button to add new post.
|
|
# 3- Add payload to title. Payload: <script>alert(document.cookie)</script>
|
|
# 4- Add any image in post.
|
|
# 5- Publish the post.
|
|
# 6- XSS has been triggered.
|
|
#
|
|
# Go to this url "http://localhost/wp-admin/post.php?post=1&action=edit" XSS will trigger. - For wordpress users.
|
|
# Go to this url "http://localhost/?post_type=soliloquy&p=1" XSS will trigger. - For normal users. |