
I found a stored XSS vulnerability in the WordPress plugin dark-mode.


When I visit the user profile page as a normal user with the Contributor role, the dark-mode option is shown there:

When I tested the parameter this option submits, I found that whatever I write into it is stored without proper filtering or escaping, and is later rendered back into the page unchanged.

Vulnerable parameter (screenshot):



When an administrator logs in to the dashboard and opens the contributor's profile page to edit it, the stored payload executes in the administrator's browser. From there I can steal their cookies or do something more evil, such as performing authenticated actions in their session. (Note that WordPress marks its authentication cookies HttpOnly, so driving actions from the injected script is the more reliable route.)
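To make the bug pattern concrete, here is an added example (not the dark-mode plugin's own code) of how a per-user profile option becomes a stored XSS, next to a hardened version. The meta key `example_dark_mode` and the function names are assumptions for illustration; the plugin's real parameter name is not on this page. The code uses standard WordPress APIs (`update_user_meta`, `get_user_meta`, `esc_attr`, `checked`, `current_user_can`) and the profile-page hooks.

```php
<?php
// Added example, not the dark-mode plugin's code. The meta key
// 'example_dark_mode' and all function names are hypothetical.

// --- Vulnerable pattern: store the raw input, echo it back raw. ---
// (Not hooked anywhere; shown only for comparison.)
function example_vulnerable_save( $user_id ) {
    if ( isset( $_POST['example_dark_mode'] ) ) {
        // No validation: a contributor can store
        //   " autofocus onfocus="alert(document.domain)
        // and it lands in the database as-is.
        update_user_meta( $user_id, 'example_dark_mode', $_POST['example_dark_mode'] );
    }
}

function example_vulnerable_render( $user ) {
    $value = get_user_meta( $user->ID, 'example_dark_mode', true );
    // Raw interpolation into an attribute: the stored payload closes the
    // quote and runs when an administrator opens this user's profile.
    echo '<input type="checkbox" name="example_dark_mode" value="' . $value . '">';
}

// --- Hardened pattern: validate on write, escape on output. ---
function example_safe_save( $user_id ) {
    // Core already verifies the update-user nonce and 'edit_user' capability
    // before firing the profile-update hooks; repeating the capability check
    // keeps the function safe if it is ever reused elsewhere.
    if ( ! current_user_can( 'edit_user', $user_id ) ) {
        return;
    }
    // The setting is boolean: store exactly '1' or '0', never the raw string.
    $enabled = ! empty( $_POST['example_dark_mode'] ) ? '1' : '0';
    update_user_meta( $user_id, 'example_dark_mode', $enabled );
}

function example_safe_render( $user ) {
    $enabled = get_user_meta( $user->ID, 'example_dark_mode', true );
    // checked() derives the attribute from a comparison, so nothing from the
    // database is interpolated into markup. Any free-form value that must be
    // printed into an attribute goes through esc_attr() instead.
    printf(
        '<label><input type="checkbox" name="example_dark_mode" value="1" %s> %s</label>',
        checked( $enabled, '1', false ),
        esc_html__( 'Enable dark mode', 'example' )
    );
}

// Hook the hardened version into the profile screens the report refers to:
// the user's own profile and the admin's "edit user" page.
add_action( 'show_user_profile',        'example_safe_render' );
add_action( 'edit_user_profile',        'example_safe_render' );
add_action( 'personal_options_update',  'example_safe_save' );
add_action( 'edit_user_profile_update', 'example_safe_save' );
```

The key point is that escaping at output alone is not enough for a setting like this: restricting the stored value to the two states the feature actually has removes the payload at write time, and `checked()`/`esc_attr()` at render time protects administrators even if an older record already holds a malicious string.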


By the way, I tested this on WordPress 4.9.1 with the latest version of the dark-mode plugin available at the time.