42e75482b6
4 changes to exploits/shellcodes/ghdb Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition Neontext Wordpress Plugin - Stored XSS
22 lines
No EOL
916 B
Text
22 lines
No EOL
916 B
Text
# Exploit Title: Wordpress Plugin Neon Text <= 1.1 - Stored Cross Site Scripting (XSS)
|
|
# Date: 2023-11-15
|
|
# Exploit Author: Eren Car
|
|
# Vendor Homepage: https://www.eralion.com/
|
|
# Software Link: https://downloads.wordpress.org/plugin/neon-text.zip
|
|
# Category: Web Application
|
|
# Version: 1.0
|
|
# Tested on: Debian / WordPress 6.4.1
|
|
# CVE : CVE-2023-5817
|
|
|
|
# 1. Description:
|
|
The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontext_box shortcode in 1.1 and above versions.
|
|
|
|
# 2. Proof of Concept (PoC):
|
|
a. Install and activate version 1.0 of the plugin.
|
|
b. Go to the posts page and create new post.
|
|
c. Add shorcode block and insert the following payload:
|
|
|
|
[neontext_box][neontext color='"onmouseover="alert(document.domain)"']TEST[/neontext][/neontext_box]
|
|
|
|
|
|
d. Save the changes and preview the page. Popup window demonstrating the vulnerability will be executed. |