WordPress Plugin Sabai Discuss - Cross-Site Scripting

EDB-ID:

42317

CVE:

N/A




Platform:

PHP

Date:

2017-07-12


# Exploit Title: Sabai Discuss Wordpress Plugin Stored XSS vulnerability
# Exploit Author: Hesam Bazvand
# Contact: https://www.facebook.com/hesam.king73
# Software demo : https://sabaidiscuss.com/
# Tested on: Windows 7 / Kali Linux
# Category: WebApps
# Dork : User Your Mind ! :D
# Video Demo : https://youtu.be/QETN6cvBMoM
# Email : Black.king066@gmail.com
# Special thanks to Mr alireza ajami
 
1- Create new question 
	http://localhost/wordpress/questions/ask

2- Insert XSS Code in Title Field

3- Enjoy it!