JobCareer | Job Board Responsive WordPress Theme 2.5 - Stored XSS



Description
Insufficient filtering of input field data has been discovered in the «JobCareer | Job Board Responsive WordPress Theme».
Proof of Concept
http://jobcareer.chimpgroup.com/candidate/asdasdasdasdasd/

Register a new account on the demo website: http://jobcareer.chimpgroup.com/ , then go to the «Resume» profile tab: http://jobcareer.chimpgroup.com/candidate-dashboard/?profile_tab=resume . Some of the input fields are vulnerable to stored XSS injection due to bad XSS filtering. Press the «+ Add new» link and use your payload only in the text editor area and only in the «Source» view (</> icon).

Sample payload to bypass XSS filter: <h1>QUIXSS</h1>"><script>alert('QUIXSS')</script>"><img src="x" onerror="alert('QUIXSS');">

Affects Theme

fixed in version 2.5.1

References

URL https://themeforest.net/item/jobcareer-job-board-responsive-wordpress-theme/14221636

Classification

Type XSS
OWASP Top 10 A3: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher QUIXSS
Submitter quixss
Submitter Website defcon.su
Submitter Twitter @quixss
Views 2238
Verified No
WPVDB ID 9322

Timeline

Publicly Published 2019-04-24
Added 2019-05-29
Last Updated 2019-05-30

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.