Wordpress Wordfence - Cross-Site Scripting

By kannthu

Severity: Medium
Vidoc Module
#wordpress #wordfence #xss #bypass
Description

What is "Wordpress Wordfence - Cross-Site Scripting"?

The "Wordpress Wordfence - Cross-Site Scripting" module is designed to detect vulnerabilities related to cross-site scripting (XSS) in the Wordpress Wordfence plugin. XSS is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. This module focuses on identifying instances where the Wordfence plugin is susceptible to XSS attacks.

This module has a medium severity level, indicating that while it may not pose an immediate threat, it still requires attention and remediation to prevent potential security breaches.

This module was authored by hackergautam.

Impact

If the Wordpress Wordfence plugin is vulnerable to cross-site scripting, it can allow attackers to execute arbitrary scripts on the affected website. This can lead to various malicious activities, such as stealing sensitive user information, defacing the website, or redirecting users to malicious websites.

How does the module work?

The "Wordpress Wordfence - Cross-Site Scripting" module works by sending HTTP requests to the target website and analyzing the responses for specific patterns. It reports a match only when all three conditions hold: the response body contains the string "<script>alert(document.domain)</script>", the response headers contain "text/html" (the content type), and the response status code is 200.

By matching these conditions, the module can determine if the Wordpress Wordfence plugin is vulnerable to XSS attacks. It does not directly modify or exploit the target website but rather identifies potential vulnerabilities that need to be addressed.

Here is an example of an HTTP request used by the module:

GET /?s=ax6zt%2522%253e%253cscript%253ealert%2528document.domain%2529%253c%252fscript%253ey6uu6 HTTP/1.1

The module sends this request to the target website and checks if the response contains the expected script, header, and status code.
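
The following is an added example, not code from the Vidoc module or its author. It shows that the query value in the request above is percent-encoded twice, and it applies the three matching conditions to constructed responses. The function names, the sample responses, and the choice to look for "text/html" in the Content-Type header are assumptions made for illustration.

```python
import html
from urllib.parse import unquote

# Query value exactly as it appears in the request shown on this page.
RAW_S = ("ax6zt%2522%253e%253cscript%253ealert%2528document.domain"
         "%2529%253c%252fscript%253ey6uu6")
MARKER = "<script>alert(document.domain)</script>"


def decode_layers(value, limit=5):
    """Percent-decode repeatedly and return every intermediate form."""
    layers = [value]
    while len(layers) <= limit:
        nxt = unquote(layers[-1])
        if nxt == layers[-1]:      # nothing left to decode
            break
        layers.append(nxt)
    return layers


def module_matches(status, content_type, body):
    """The three conditions from the page, joined with AND."""
    return (MARKER in body
            and "text/html" in content_type.lower()
            and status == 200)


def sample_responses():
    """Constructed responses (not captured traffic) for the matcher."""
    decoded = decode_layers(RAW_S)[-1]
    page = "<html><body>Results for: %s</body></html>"
    return {
        # Value reflected without output encoding: all conditions hold.
        "reflected_raw": (200, "text/html; charset=UTF-8", page % decoded),
        # Same page with HTML output encoding applied: marker is absent.
        "reflected_escaped": (200, "text/html; charset=UTF-8",
                              page % html.escape(decoded)),
        # Marker present but not served as HTML: header condition fails.
        "plain_text": (200, "text/plain", decoded),
        # Request rejected: status condition fails.
        "blocked": (403, "text/html", "<html>Blocked</html>"),
    }


if __name__ == "__main__":
    for depth, form in enumerate(decode_layers(RAW_S)):
        print(depth, form)
    for name, resp in sample_responses().items():
        print(name, module_matches(*resp))
```

After one decoding pass the value still contains no angle brackets or quotes; they appear only after the second pass, so input checks need to run on the fully decoded value and output must be HTML-encoded where it is reflected.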

It is important to address any vulnerabilities identified by this module to prevent potential exploitation and protect the integrity and security of the Wordpress Wordfence plugin.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /?s=ax6zt%2522%253e%...
Matching conditions
word: <script>alert(document.domain)</script> and
word: text/html and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability