Lucene search

K

Contact Form Email < 1.3.44 - Editor+ Stored Cross-Site Scripting

🗓️ 14 Nov 2023 00:00:00Reported by Mohamed AzarudheenType 
wpexploit
 wpexploit
👁 70 Views

Contact Form Email Editor+ Stored Cross-Site Scriptin

Show more
Related
Code
1. Create a form and navigate to 'Edit' and 'Settings.'
3. Under the 'On submit action,' select the option to "Stay on the page and display a classic JavaScript alert box with a message."
3. Enter the payload is provided: `</script><script>alert(document.domain)</script>`. 
4. Save and publish by visiting the page. It will execute the payload.

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
14 Nov 2023 00:00Current
6Medium risk
Vulners AI Score6
EPSS0.001
70
.json
Report