WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting (XSS) (Authenticated)

2021-12-03
ID: 105001
CVE: None
Download vulnerable application: None
# Exploit Title: 
# Date: 02/12/2021
# Exploit Author: Abdurrahman Erkan (@erknabd)
# Vendor Homepage: https://soliloquywp.com/
# Software Link: https://wordpress.org/plugins/soliloquy-lite/
# Version: 2.6.2
# Tested on: Kali Linux 2021 - Firefox 78.7, Windows 10 - Brave 1.32.113, WordPress 5.8.2

# Proof of Concept:
#
# 1- Install and activate the Slider by Soliloquy 2.6.2 plugin.
# 2- Open Soliloquy and use "Add New" button to add new post.
# 3- Add payload to title. Payload: <script>alert(document.cookie)</script>
# 4- Add any image in post.
# 5- Publish the post.
# 6- XSS has been triggered.
#
# Go to this url "http://localhost/wp-admin/post.php?post=1&action=edit" XSS will trigger. - For wordpress users.
# Go to this url "http://localhost/?post_type=soliloquy&p=1" XSS will trigger. - For normal users.
1-4-2 (www01)