.. / CVE-2017-18536

Exploit for WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting (CVE-2017-18536)

Description:

WordPress Stop User Enumeration 1.3.7 and earlier are vulnerable to unauthenticated reflected cross-site scripting.

Nuclei Template

View the template here CVE-2017-18536.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2017/CVE-2017-18536.yaml
Copy

References:

https://wordpress.org/plugins/stop-user-enumeration/#developers
https://github.com/ARPSyndicate/kenzer-templates
https://nvd.nist.gov/vuln/detail/CVE-2017-18536
https://wpscan.com/vulnerability/956cc5fd-af06-43ac-aa85-46b468c73501