WordPress Avada Website Builder <7.4.2 - Cross-Site Scripting

By kannthu

High
Vidoc Module
#xss #wp #wordpress #wp-theme #avada
Description

What is the "WordPress Avada Website Builder <7.4.2 - Cross-Site Scripting" module?

The "WordPress Avada Website Builder <7.4.2 - Cross-Site Scripting" module is a test case that detects a cross-site scripting (XSS) vulnerability, classified as CWE-79, in versions of the Avada WordPress theme prior to 7.4.2. The module identifies instances of this vulnerability and reports them as potential security risks.

The severity of this vulnerability is classified as high, with a CVSS score of 7.2. It is important to address this vulnerability promptly to prevent potential exploitation.

This module was authored by Akincibor.

Impact

The cross-site scripting vulnerability in the WordPress Avada Website Builder can allow attackers to inject malicious scripts into web pages viewed by users. This can lead to various security risks, including unauthorized access to sensitive information, session hijacking, and the potential for further attacks.

How does the module work?

The module works by sending HTTP requests to the target website and analyzing the responses for specific patterns that indicate the presence of the vulnerability. It uses a set of matching conditions to determine if the vulnerability is present.

One example of an HTTP request used by the module is:

GET /forums/search/z-->"></script><script>alert(document.domain)</script>/ HTTP/1.1

The module then checks the response for the following conditions:

- The response body contains the strings "></script><script>alert(document.domain)</script>" and "avada-footer-scripts".
- The response header contains the string "text/html".
- The response status code is 200.

If all of these conditions are met, the module identifies the presence of the cross-site scripting vulnerability in the Avada theme.
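The three conditions above can be evaluated offline against a stored response, which shows why an HTML-escaped reflection does not match. This is an added example, not Vidoc's module code: the `Response` container, the function names and the sample responses are assumptions constructed for illustration, and the case-insensitive header check is a choice made here.

```python
import html
from dataclasses import dataclass, field

# Strings as quoted in the conditions list on this page.
REFLECTED_WORD = "></script><script>alert(document.domain)</script>"
THEME_WORD = "avada-footer-scripts"
HEADER_WORD = "text/html"
EXPECTED_STATUS = 200


@dataclass
class Response:
    """Captured HTTP response (hypothetical container, not a Vidoc type)."""
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def evaluate(resp):
    """Evaluate each condition separately so a non-match can be explained."""
    # Assumption: header names and values are compared case-insensitively.
    header_blob = "\n".join(f"{k}: {v}" for k, v in resp.headers.items()).lower()
    return {
        "body_words": REFLECTED_WORD in resp.body and THEME_WORD in resp.body,
        "header_word": HEADER_WORD in header_blob,
        "status": resp.status == EXPECTED_STATUS,
    }


def is_match(resp):
    """The conditions are AND-ed: every one must hold to report a finding."""
    return all(evaluate(resp).values())


# Constructed sample responses for illustration; not taken from a real site.
HTML_HEADERS = {"Content-Type": "text/html; charset=UTF-8"}
FOOTER = '<div class="avada-footer-scripts"></div>'
TERM = 'z-->"' + REFLECTED_WORD
SAMPLES = {
    "reflected_raw": Response(200, HTML_HEADERS, f"<p>Results for {TERM}</p>{FOOTER}"),
    "reflected_escaped": Response(200, HTML_HEADERS, f"<p>Results for {html.escape(TERM)}</p>{FOOTER}"),
    "other_theme": Response(200, HTML_HEADERS, f"<p>Results for {TERM}</p>"),
    "not_found": Response(404, HTML_HEADERS, f"<p>Results for {TERM}</p>{FOOTER}"),
}

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        print(f"{name:18} match={is_match(resp)} {evaluate(resp)}")
```

Only the response that reflects the search term unescaped, carries the Avada footer marker, and returns 200 as HTML satisfies all three conditions; the escaped reflection fails the body check.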

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /forums/search/z-->%...
Matching conditions
word: "></script><script>alert(document.domain... and
word: text/html and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability