Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "WordPress Avada Website Builder <7.4.2 - Cross-Site Scripting" module is a test case designed to detect a specific vulnerability in the Avada WordPress theme. This vulnerability, classified as CWE-79, is a cross-site scripting (XSS) vulnerability that exists in versions of the Avada theme prior to 7.4.2. The module aims to identify instances of this vulnerability and report them as potential security risks.
The severity of this vulnerability is classified as high, with a CVSS score of 7.2. It is important to address this vulnerability promptly to prevent potential exploitation.
This module was authored by Akincibor.
The cross-site scripting vulnerability in the WordPress Avada Website Builder can allow attackers to inject malicious scripts into web pages viewed by users. This can lead to various security risks, including unauthorized access to sensitive information, session hijacking, and the potential for further attacks.
The module works by sending HTTP requests to the target website and analyzing the responses for specific patterns that indicate the presence of the vulnerability. It uses a set of matching conditions to determine if the vulnerability is present.
One example of an HTTP request used by the module is:
GET /forums/search/z-->"></script><script>alert(document.domain)</script>/ HTTP/1.1
The module then checks the response for the following conditions:
- The response body contains the strings"></script><script>alert(document.domain)</script>"
and "avada-footer-scripts"
.
- The response header contains the string "text/html"
.
- The response status code is 200.
If all of these conditions are met, the module identifies the presence of the cross-site scripting vulnerability in the Avada theme.