.. / CVE-2020-7107

Exploit for WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting (CVE-2020-7107)

Description:

WordPress Ultimate FAQ plugin before 1.8.30 is susceptible to cross-site scripting via Display_FAQ to Shortcodes/DisplayFAQs.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Nuclei Template

View the template here CVE-2020-7107.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-7107.yaml

References:

https://plugins.trac.wordpress.org/changeset/2222959/ultimate-faqs/tags/1.8.30/Shortcodes/DisplayFAQs.php
https://nvd.nist.gov/vuln/detail/CVE-2020-7107
https://wordpress.org/plugins/ultimate-faqs/
https://wordpress.org/plugins/ultimate-faqs/#developers
https://wpscan.com/vulnerability/5e1cefd5-5369-44bd-aef7-2a382c8d8e33

.. / CVE-2020-7107 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting (CVE-2020-7107)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-7107