.. / CVE-2016-1000127

Exploit for WordPress AJAX Random Post <=2.00 - Cross-Site Scripting (CVE-2016-1000127)

Description:

WordPress AJAX Random Post 2.00 is vulnerable to reflected cross-site scripting.

Nuclei Template

View the template here CVE-2016-1000127.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2016/CVE-2016-1000127.yaml
Copy

References:

http://www.vapidlabs.com/wp/wp_advisory.php?v=494
https://github.com/ARPSyndicate/kenzer-templates
https://wordpress.org/plugins/ajax-random-post
https://nvd.nist.gov/vuln/detail/CVE-2016-1000127