what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

WordPress WP Event Manager 3.1.27 Cross Site Scripting

WordPress WP Event Manager 3.1.27 Cross Site Scripting
Posted May 16, 2022
Authored by Mariam Tariq

WordPress WP Event Manager plugin version 3.1.27 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | cb5312a73f5b91f714b3b64a7d4a985e9b27b678feeae51e27a65c49cef79597

WordPress WP Event Manager 3.1.27 Cross Site Scripting

Change Mirror Download
# Exploit Title: WordPress Plugin WP Event Manager  - Stored Cross Site
Scripting
# Date: 15-05-2022
# Exploit Author: Mariam Tariq - HunterSherlock
# Vendor Homepage: https://wordpress.org/plugins/wp-event-manager/
# Version: 3.1.27
# Tested on: Firefox
# Contact me: mariamtariq404@gmail.com


#Steps To Reproduce :

1 - First Install the plugins - wp-event-manager and activate it.
2 - Go to event manager —> Add New
3 - Inside the “”Event Title” at the top, enter XSS payload “><img src=x
onerror=alert(1)> and hit publish.
4 - Check the newly made event’s URL /event/{id}/ , XSS will trigger.

#Poc Image :

https://imgur.com/J1Q3x5u
Login or Register to add favorites

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close