WordPress theme Real Estate 2.8.9 cross-site scripting Vulnerability / Exploit
Exploits / Vulnerability Discovered : 2019-07-29 |
Type : webapps |
Platform : php
This exploit / vulnerability (WordPress theme Real Estate 2.8.9 cross-site scripting) is for educational purposes only; if you use it, you do so at your own risk!
Details & Description:
The «Real Estate 7» premium WordPress theme is vulnerable to persistent XSS
injection that allows an attacker to inject JavaScript or HTML code into
the website front-end.
Special Note:
- 7.151 Sales
- If pre-moderation is enabled, then you have a huge chance to steal an
admin's or moderator's cookies.
- You can edit any existing listing on the website by changing the unique ID
-> https://site.com/edit-listing/?listings=XXX (where XXX is the WordPress
post ID; you can find it inside the <body> tag class).
PoC [Persistent XSS Injection]:
First of all, register a new account as a seller or agent, log in and
choose the free membership package in the dashboard. After that you'll be
able to submit a new listing -> https://site.com/submit-listing/
For persistent XSS injection you need to add your payload inside the
«Virtual Tour Embed» text area (on the «DETAILS» step) and then press the
«Submit» button.
Example: <img src="x" onerror="(alert)(`m0ze`)">
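
A defender-side check for the field described above, as an added example (not the theme's or the advisory author's code): it audits a stored «Virtual Tour Embed» value against an iframe-only allow-list and reports every violation. The allow-list policy, the names `EmbedAuditor` and `audit_embed`, and the tours.example.com URL are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
# Assumed policy (not the theme's own): the field holds only <iframe> embeds.
ALLOWED_ATTRS = {"src", "width", "height", "frameborder", "allowfullscreen", "title"}

class EmbedAuditor(HTMLParser):
    """Collects every policy violation found in one stored field value."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.violations, self.tags_seen = [], 0

    def handle_starttag(self, tag, attrs):
        self.tags_seen += 1
        if tag != "iframe":
            self.violations.append(f"tag <{tag}> not allowed")
            return
        for name, value in attrs:
            if name.startswith("on"):
                self.violations.append(f"event handler attribute {name}")
            elif name not in ALLOWED_ATTRS:
                self.violations.append(f"attribute {name} not allowed")
            elif name == "src" and urlparse((value or "").strip()).scheme != "https":
                self.violations.append("iframe src is not an https URL")
    handle_startendtag = handle_starttag  # self-closing form, e.g. <img ... />

    def handle_endtag(self, tag):
        self.tags_seen += 1

    def handle_data(self, data):
        if data.strip():
            self.violations.append("text outside an embed element")

def audit_embed(value):
    """Return the list of violations; an empty list means the value passes."""
    auditor = EmbedAuditor()
    auditor.feed(value)
    auditor.close()
    if value.count("<") != auditor.tags_seen:  # comments, unterminated tags
        auditor.violations.append("markup the parser did not see as a tag")
    return auditor.violations

# Constructed sample value, plus the example string from the advisory above.
SAMPLES = {
    "benign": '<iframe src="https://tours.example.com/e/1" allowfullscreen></iframe>',
    "advisory": '<img src="x" onerror="(alert)(`m0ze`)">',
}

if __name__ == "__main__":
    for label, value in SAMPLES.items():
        print(label, audit_embed(value) or "ok")
```

The same allow-list belongs on the server at submission time and again at output; running the audit over listings already stored shows which ones predate that validation.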