WordPress FooGallery 2.4.16 Cross Site Scripting

WordPress FooGallery 2.4.16 Cross Site Scripting: Posted Jul 2, 2024; Authored by tmrswrr; WordPress FooGallery plugin version 2.4.16 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | b9f344160d5b9492eaa5c8a7c828dab1f4a547554b1f87ef5cdd39ece6f378c5; Download | Favorite | View

WordPress FooGallery 2.4.16 Cross Site Scripting

# Exploit Title: FooGallery version : 2.4.16 Stored XSS
# Date: 2024-07-02
# Exploit Author: tmrswrr
# Category : Webapps
# Vendor Homepage: https://wordpress.org/plugins/foogallery/
# Version 2.4.16


### Steps to Execute the Payload:

1. **Click Add New Gallery**: [Add New Gallery](https://127.0.0.1/wp-admin/post-new.php?post_type=foogallery)
2. **Write Add Title your payload**: `"><sVg/onLy=1 onLoaD=confirm(1)//`
3. **Click Publish**, then click **Create Gallery Page**.
4. **Verify Execution**: You will see the payload executed in the usage field.

Top Authors In Last 30 Days

Red Hat 237 files
Ubuntu 85 files
Gentoo 31 files
Debian 17 files
tmrswrr 8 files
Sina Kheirkhah 7 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
bRpsd 3 files
ron190 2 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,448)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,344)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,672)
UNIX (9,427)
UnixWare (187)
Windows (6,666)
Other

WordPress FooGallery 2.4.16 Cross Site Scripting

WordPress FooGallery 2.4.16 Cross Site Scripting

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

WordPress FooGallery 2.4.16 Cross Site Scripting

Share This

WordPress FooGallery 2.4.16 Cross Site Scripting

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems