WordPress Neon Text 1.1 Cross Site Scripting

WordPress Neon Text 1.1 Cross Site Scripting

Posted Mar 5, 2024

Authored by Eren Car

WordPress Neon Text plugin versions 1.1 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2023-5817

SHA-256 | f6fa131d3df7c7fa0667803c7757179d6f0f6967ebbb7d6ee2469662460a8a4e

Download | Favorite | View

WordPress Neon Text 1.1 Cross Site Scripting

# Exploit Title: Wordpress Plugin Neon Text <= 1.1 - Stored Cross Site Scripting (XSS)# Date: 2023-11-15# Exploit Author: Eren Car# Vendor Homepage: https://www.eralion.com/# Software Link: https://downloads.wordpress.org/plugin/neon-text.zip# Category: Web Application# Version: 1.0# Tested on: Debian / WordPress 6.4.1# CVE : CVE-2023-5817# 1. Description:The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontext_box shortcode in 1.1 and above versions.   # 2. Proof of Concept (PoC):  a. Install and activate version 1.0 of the plugin.  b. Go to the posts page and create new post.  c. Add shorcode block and insert the following payload:      [neontext_box][neontext color='"onmouseover="alert(document.domain)"']TEST[/neontext][/neontext_box]          d. Save the changes and preview the page. Popup window demonstrating the vulnerability will be executed.

File Tags

• ActiveX (933)
• Advisory (84,370)
• Arbitrary (16,579)
• BBS (2,859)
• Bypass (1,818)
• CGI (1,032)
• Code Execution (7,578)
• Conference (687)
• Cracker (844)
• CSRF (3,370)
• DoS (24,373)
• Encryption (2,381)
• Exploit (52,611)
• File Inclusion (4,246)
• File Upload (982)
• Firewall (822)
• Info Disclosure (2,832)
• Intrusion Detection (905)
• Java (3,117)
• JavaScript (887)
• Kernel (6,944)
• Local (14,657)
• Magazine (586)
• Overflow (12,989)
• Perl (1,430)
• PHP (5,174)
• Proof of Concept (2,364)
• Protocol (3,687)
• Python (1,595)
• Remote (31,291)
• Root (3,613)
• Rootkit (519)
• Ruby (617)
• Scanner (1,647)
• Security Tool (7,962)
• Shell (3,236)
• Shellcode (1,217)
• Sniffer (899)
• Spoof (2,255)
• SQL Injection (16,491)
• TCP (2,420)
• Trojan (688)
• UDP (896)
• Virus (668)
• Vulnerability (32,461)
• Web (9,836)
• Whitepaper (3,768)
• x86 (966)
• XSS (18,130)
• Other

File Archives

• March 2024
• February 2024
• January 2024
• December 2023
• November 2023
• October 2023
• September 2023
• August 2023
• July 2023
• June 2023
• May 2023
• April 2023
• Older

Systems

• AIX (429)
• Apple (2,060)
• BSD (375)
• CentOS (57)
• Cisco (1,926)
• Debian (6,978)
• Fedora (1,693)
• FreeBSD (1,246)
• Gentoo (4,466)
• HPUX (880)
• iOS (369)
• iPhone (108)
• IRIX (220)
• Juniper (69)
• Linux (48,786)
• Mac OS X (691)
• Mandriva (3,105)
• NetBSD (256)
• OpenBSD (487)
• RedHat (15,203)
• Slackware (941)
• Solaris (1,611)
• SUSE (1,444)
• Ubuntu (9,336)
• UNIX (9,371)
• UnixWare (187)
• Windows (6,635)
• Other