{"id":30940,"date":"2022-09-19T19:58:25","date_gmt":"2022-09-19T15:58:25","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/168411\/wpgetyourguideticketing101-xss.txt"},"modified":"2022-09-28T15:49:15","modified_gmt":"2022-09-28T12:19:15","slug":"wordpress-getyourguide-ticketing-1-0-1-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/wordpress-getyourguide-ticketing-1-0-1-cross-site-scripting\/","title":{"rendered":"WordPress GetYourGuide Ticketing 1.0.1 Cross Site Scripting"},"content":{"rendered":"<dl id=\"F168411\" class=\"file first\">\n<dt dir=\"ltr\"><a class=\"ico text-plain\" title=\"Size: 0.7 KB\" href=\"https:\/\/packetstormsecurity.com\/files\/download\/168411\/wpgetyourguideticketing101-xss.txt\" target=\"_blank\" rel=\"noopener\"><strong>WordPress GetYourGuide Ticketing 1.0.1 Cross Site Scripting<\/strong><\/a><\/dt>\n<dd class=\"datetime\" dir=\"ltr\">Posted <a title=\"14:55:34 UTC\" href=\"https:\/\/packetstormsecurity.com\/files\/date\/2022-09-19\/\" target=\"_blank\" rel=\"noopener\">Sep 19, 2022<\/a><\/dd>\n<dd class=\"refer\" dir=\"ltr\">Authored by <a class=\"person\" href=\"https:\/\/packetstormsecurity.com\/files\/author\/16291\/\" target=\"_blank\" rel=\"noopener\">Mariam Tariq<\/a><\/dd>\n<dd class=\"detail\" dir=\"ltr\">WordPress GetYourGuide Ticketing plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.<\/dd>\n<dd class=\"tags\" dir=\"ltr\">tags | <a href=\"https:\/\/packetstormsecurity.com\/files\/tags\/exploit\" target=\"_blank\" rel=\"noopener\">exploit<\/a>, <a href=\"https:\/\/packetstormsecurity.com\/files\/tags\/xss\" target=\"_blank\" rel=\"noopener\">xss<\/a><\/dd>\n<dd class=\"md5\" dir=\"ltr\">SHA-256 | <code>dd8e52981b226511a35efc2482778941e5de97075699192860753ae706085694<\/code><\/dd>\n<dd class=\"act-links\" dir=\"ltr\"><a title=\"Size: 0.7 KB\" 
href=\"https:\/\/packetstormsecurity.com\/files\/download\/168411\/wpgetyourguideticketing101-xss.txt\" rel=\"nofollow noopener\" target=\"_blank\">Download<\/a> | <a href=\"https:\/\/packetstormsecurity.com\/files\/168411\/WordPress-GetYourGuide-Ticketing-1.0.1-Cross-Site-Scripting.html\" target=\"_blank\" rel=\"noopener\">View<\/a><\/dd>\n<\/dl>\n<div class=\"src\" dir=\"ltr\">\n<pre><code># Exploit Title: WordPress Plugin \u2018GetYourGuide Ticketing\u2019 - Stored Cross-Site Scripting\r\n# Date: 18-09-2022\r\n# Exploit Author: Mariam Tariq - HunterSherlock\r\n# Vendor Homepage: https:\/\/wordpress.org\/plugins\/search\/GetYourGuide+Ticketing\/\r\n# Version: 1.0.1\r\n# Tested on: Firefox\r\n# Contact me: mariamtariq404@gmail.com<\/code><\/pre>\n<p># Vulnerable code:<\/p>\n<pre><code>&lt;input type=\"text\" name=\"partner_hash\" value=\"&lt;?php echo $partner_hash ?&gt;\"&gt;&lt;\/input&gt;<\/code><\/pre>\n<p>The stored <code>partner_hash<\/code> value is echoed into a double-quoted <code>value<\/code> attribute without any escaping. A value that begins with <code>\"&gt;<\/code> therefore closes the attribute and the <code>&lt;input&gt;<\/code> tag, and whatever follows it is rendered as markup every time the page that prints the field is loaded, which is what makes the issue persistent rather than reflected.<\/p>\n<p># POC:<\/p>\n<p>1- Install the plugin \u2018GetYourGuide Ticketing\u2019 &amp; activate it.<br \/>\n2- Navigate to GYG-Ticketing.<br \/>\n3- Enter the XSS payload <code>\"&gt;&lt;img src=x onerror=alert(1)&gt;<\/code>.<br \/>\n4- Go to the link builder to verify the XSS pop-up.<\/p>\n<p># POC image:<\/p>\n<blockquote class=\"imgur-embed-pub\" lang=\"en\" data-id=\"amrDhIt\"><p><a href=\"https:\/\/imgur.com\/amrDhIt\" target=\"_blank\" rel=\"noopener\">View post on imgur.com<\/a><\/p><\/blockquote>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>WordPress 
GetYourGuide Ticketing 1.0.1 Cross Site Scripting Posted Sep 19, 2022 Authored by Mariam Tariq WordPress GetYourGuide Ticketing plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability. tags | exploit, xss SHA-256 | dd8e52981b226511a35efc2482778941e5de97075699192860753ae706085694 Download | Favorite | View # *Exploit Title*: WordPress Plugin \u2018GetYourGuide Ticketing\u2019 &#8211; Stored Cross-Site Scripting # Date: 18-09-2022 &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-30940","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/30940","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=30940"}],"version-history":[{"count":1,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/30940\/revisions"}],"predecessor-version":[{"id":31347,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/30940\/revisions\/31347"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=30940"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=30940"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=30940"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
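As an added example that is not part of the advisory above or of the plugin's own code, the following PHP places the unescaped attribute echo quoted in the advisory beside a hardened version and runs the advisory's PoC payload through both. It is written to run with the plain `php` CLI outside WordPress, so `htmlspecialchars()` with `ENT_QUOTES` stands in for WordPress's `esc_attr()` (the two encode the same characters for an attribute context); `render_vulnerable`, `render_hardened` and the `attribute_breakout` check are hypothetical helper names chosen for this example, and the `$partner_hash` value is the attacker-controlled string the plugin stores.

```php
<?php
// Added example (not the GetYourGuide Ticketing plugin's code): the vulnerable
// attribute echo from the advisory beside a hardened version, fed the same
// stored payload. Run with: php xss_attr_demo.php

declare(strict_types=1);

// Vulnerable pattern as quoted in the advisory: the stored value is dropped
// straight into a double-quoted attribute. A value starting with "> ends the
// attribute and the tag, and the rest becomes live markup.
function render_vulnerable(string $partner_hash): string
{
    return '<input type="text" name="partner_hash" value="' . $partner_hash . '"></input>';
}

// Hardened pattern: escape for the HTML attribute context before echoing.
// htmlspecialchars() with ENT_QUOTES is the plain-PHP stand-in for WordPress's
// esc_attr() (assumption: esc_attr() is only available inside WordPress), so
// both " and ' are encoded and the attribute can no longer be terminated.
function render_hardened(string $partner_hash): string
{
    $safe = htmlspecialchars($partner_hash, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="partner_hash" value="' . $safe . '">';
}

// Hypothetical review check: the fragment is supposed to contain exactly one
// opening tag (the <input>). Any additional opening tag means the stored value
// broke out of the attribute and injected markup.
function attribute_breakout(string $html): bool
{
    preg_match_all('/<[a-zA-Z][^>]*>/', $html, $matches);
    return count($matches[0]) !== 1;
}

// Payload taken from the advisory's PoC (step 3).
$payload = '"><img src=x onerror=alert(1)>';

echo "vulnerable: ", render_vulnerable($payload), PHP_EOL;
echo "hardened:   ", render_hardened($payload), PHP_EOL;
echo "breakout (vulnerable): ", var_export(attribute_breakout(render_vulnerable($payload)), true), PHP_EOL;
echo "breakout (hardened):   ", var_export(attribute_breakout(render_hardened($payload)), true), PHP_EOL;
```

The vulnerable rendering yields two opening tags, the intended `<input>` plus the injected `<img>`, while the hardened rendering keeps the whole payload inside the attribute as `&quot;&gt;&lt;img ...&gt;`. In the real plugin the one-line fix is `echo esc_attr($partner_hash)` at the point of output; sanitising the value on save (for example with `sanitize_text_field()`) is defence in depth, not a substitute, because the bug is an output-encoding error in the attribute context.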