WordPress FlagEm - Cross-Site Scripting

By kannthu

High

Vidoc Module

#wordpress#xss#wp-plugin#edb

Description

What is "WordPress FlagEm - Cross-Site Scripting?"

The "WordPress FlagEm - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the WordPress FlagEm plugin. This vulnerability allows an attacker to execute arbitrary scripts in the browser of an unsuspecting user. The severity of this vulnerability is classified as high, with a CVSS score of 7.2.

The original author of this module is daffainfo.

Impact

If exploited, this cross-site scripting vulnerability can lead to various malicious activities, such as stealing sensitive user information, performing unauthorized actions on behalf of the user, or injecting malicious content into the affected website.

How the module works?

The module sends an HTTP GET request to the following path:

/wp-content/plugins/FlagEm/flagit.php?cID=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E

The module then applies the following matching conditions:

- The response body must contain the string </script><script>alert(document.domain)</script> - The response header must contain the string text/html - The HTTP status code must be 200

If all the matching conditions are met, the module reports the vulnerability.

Module preview

Concurrent Requests (1)

1. HTTP Request template

GET/wp-content/plugins/...

Matching conditions

word: </script><script>alert(document.domain)<...and

word: text/htmland

status: 200

Passive global matcher

No matching conditions.

On match action

Report vulnerability