Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add CVE-2023-2309 #10262

Merged
merged 2 commits into from
Jul 23, 2024
Merged

add CVE-2023-2309 #10262

merged 2 commits into from
Jul 23, 2024

Conversation

Kazgangap
Copy link
Contributor

CVE-2023-2309

Proof of Concept
1. Visit wpForo > Settings > General Settings.
2. Enable Debug Mode and click Save Options.
3. Visit a forum on the frontend, e.g. `/community/main-forum/`
4. Append the following URL parameter to achieve XSS: `?param=%3Cscript%3Ealert(/XSS/)%3C/script%3E`

https://wpscan.com/vulnerability/1b3f4558-ea41-4749-9aa2-d3971fc9ca0d/

Template Validation

I've validated this template locally?

  • YES
  • NO

Additional Details (leave it blank if not applicable)

Additional References:

@DhiyaneshGeek DhiyaneshGeek self-assigned this Jul 11, 2024
@DhiyaneshGeek DhiyaneshGeek added the Done Ready to merge label Jul 22, 2024
@pussycat0x
Copy link
Contributor

Hi @Kazgangap Thank you for sharing this template with the community and for your contribution to this project. Your efforts are greatly appreciated. Cheers!

@DhiyaneshGeek DhiyaneshGeek merged commit 62eb07f into projectdiscovery:main Jul 23, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pussycat0x pussycat0x pussycat0x approved these changes

Assignees

@DhiyaneshGeek DhiyaneshGeek

Labels
Done Ready to merge
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Kazgangap @pussycat0x @DhiyaneshGeek