CVE-2017-6814 (CVSSv3 5.4)

Published: 12/03/2017 Updated: 19/03/2019
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 316
CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N (network, medium complexity, single authentication required, partial integrity impact only)

Vulnerability Summary

In WordPress prior to 4.7.3, there is authenticated Cross-Site Scripting (XSS) via Media File Metadata. This is demonstrated by both (1) mishandling of the playlist shortcode in the wp_playlist_shortcode function in wp-includes/media.php and (2) mishandling of meta information in the renderTracks function in wp-includes/js/mediaelement/wp-playlist.js.
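The pattern behind this bug, shown here as an added illustration that is not code from WordPress or from wp-playlist.js: a playlist renderer that splices audio-file metadata into HTML, beside an escaped version and a regression check that flags the leak. An authenticated uploader controls those fields through the file's tags, so the renderer is a stored-XSS sink unless it escapes at the point of insertion. The field names, the renderer shape and the sample tags are assumptions made for this example.

```javascript
// Added illustration (not code from WordPress or wp-playlist.js): a playlist
// renderer that builds HTML from audio-file metadata, which an authenticated
// uploader controls through the file's tags. Field names, the renderer shape
// and the sample tags below are assumptions made for this example.

// Constructed sample: the second track's tags carry markup, standing in for
// a crafted MP3 uploaded to the media library.
const SAMPLE_TRACKS = [
  { title: 'Track One', artist: 'Example Artist', album: 'Example Album', caption: 'plain caption' },
  {
    title: '<img src=x onerror=alert(document.domain)>',
    artist: 'Example Artist',
    album: 'Example Album',
    caption: 'a "quoted" <caption>',
  },
];

// Vulnerable pattern: metadata concatenated straight into markup. The title
// lands in HTML text context and the caption inside an attribute, so '<'
// breaks out of the first and '"' breaks out of the second.
function renderTracksUnsafe(tracks) {
  let html = '<ul class="playlist">';
  for (const t of tracks) {
    html += '<li class="track" title="' + t.caption + '">' +
      '<span class="track-title">' + t.title + '</span>' +
      '<span class="track-meta">' + t.artist + ' / ' + t.album + '</span>' +
      '</li>';
  }
  return html + '</ul>';
}

// Escapes the five characters that matter in HTML text and in double- or
// single-quoted attribute values. Escape at the sink, not when the file is
// parsed, so the stored value stays faithful and every output path is covered.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Hardened pattern: every metadata field is escaped where it enters the
// markup, so tag contents render as inert text and attribute quotes hold.
function renderTracksSafe(tracks) {
  let html = '<ul class="playlist">';
  for (const t of tracks) {
    html += '<li class="track" title="' + escapeHtml(t.caption) + '">' +
      '<span class="track-title">' + escapeHtml(t.title) + '</span>' +
      '<span class="track-meta">' + escapeHtml(t.artist) + ' / ' + escapeHtml(t.album) + '</span>' +
      '</li>';
  }
  return html + '</ul>';
}

// Regression check: true when any metadata value holding a markup-significant
// character reaches the rendered output verbatim. Run it against every
// renderer that touches uploader-controlled fields.
function metadataLeaksMarkup(tracks, render) {
  const out = render(tracks);
  return tracks.some((t) =>
    Object.values(t).some((v) => /[<>"']/.test(v) && out.includes(v)),
  );
}
```

The summary names two sinks, the shortcode output in media.php and the client-side renderTracks, because the same metadata crosses two boundaries: it is written into the page by PHP and later re-rendered by JavaScript. Escaping in only one place leaves the other path open, so the check above belongs around both. In a browser the equivalent of `escapeHtml` at the DOM level is assigning `textContent` rather than `innerHTML`, or a template syntax that escapes by default.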

Vulnerable Products

wordpress wordpress

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Debian Bug report logs - #857026 wordpress: 4.7.3 security release. Package: src:wordpress; Maintainer for src:wordpress is Craig Small <csmall@debian.org>; Reported by: Craig Small <csmall@debian.org>. Date: Tue, 7 Mar 2017 10:33:02 UTC. Severity: grave. Tags: security, upstream. Found in version wordpress/4.7.2. Fixed ...
Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to delete unintended files, mount Cross-Site Scripting attacks, or bypass redirect URL validation mechanisms. For the stable distribution (jessie), these problems have been fixed in version 4.1+dfsg-1+deb8u13. For the upcoming stable (stretc ...
An authenticated cross-site scripting (XSS) vulnerability has been discovered in WordPress before 4.7.3 via Media File Metadata. This is demonstrated by both (1) mishandling of the playlist shortcode in the wp_playlist_shortcode function in wp-includes/media.php and (2) mishandling of meta information in the renderTracks function in wp-includes/js/ ...

Github Repositories

Cybersecurity-Week-7-Project-WordPress-vs-Kali. Project 7 - WordPress Pentesting. Time spent: 45 hours spent in total. Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress. Pentesting Report: Authenticated Stored Cross-Site Scripting (XSS). ID: CVE-2015-5622. Summary: Vulnerability types: XSS. Tested in version: 4.2. Fixed

Stored XSS in WordPress Core for embedded YouTube URLs: created by adding a crafted XSS YouTube embed URL. WPScan summary: Title: WordPress 4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds. Reference: wpvulndb.com/vulnerabilities/8768. Reference: wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/. Reference: ht

Project 7 - WordPress Pentesting. Time spent: 12 hours spent in total. Objective: Find, analyze, recreate, and document three vulnerabilities affecting an old version of WordPress. Pentesting Report: 1. Authenticated XSS in comments (CVE-2019-9787). Summary: WordPress did not properly filter comments, leading to remote code execution by unauthenticated user configuration. Vulne

Project 7 - WordPress Pentesting. Time spent: 4 hours spent in total. Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress. Pentesting Report: Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds (CVE-2017-6817). Summary: Vulnerability types: XSS. Tested in version: 4.2. Fixed in version: 4.2.13. GIF Walk

codepath week 7 assignment

Project 7 - WordPress Pentesting. Time spent: 5 hours spent in total. Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress. Pentesting Report (Required): CVE-2015-3440 - Unauthenticated Stored Cross-Site Scripting. Summary: Vulnerability types: XSS. Tested in version: 4.2. Fixed in version: 4.2.1. GIF Walkthrough:

Project 7 - WordPress Pentesting. Time spent: 5 hours spent in total. Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress. Pentesting Report (Required): Unauthenticated Stored Cross-Site Scripting (CVE-2015-3440). Summary: Vulnerability types: XSS. Tested in version: 4.2. Fixed in version: 4.2.1. GIF Walkthrough:

Hung_Nguyen_Cybersecurity_University. Project 7 - WordPress Pentesting. Time spent: 6 hours spent in total. Objective: Find, analyze, recreate, and document three (required) to five (optional) vulnerabilities affecting an old version of WordPress. Pentesting Report (Required): 4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds. Summary: Vulnerabi

Project 7 - WordPress Pen Testing. Time spent: 12 hours spent in total. Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress. Pen Testing Report: 1. Authenticated Stored Cross-Site Scripting (XSS). ID: CVE-2015-5622. Summary: Vulnerability types: XSS. Tested in version: 4.2. Fixed in version: 4.2.3. GIF Walkthrough:

WordPress-Pen-Testing-Lab. Exploit 1: WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata (CVE-2017-6814). Reference: sumofpwn.nl/advisory/2016/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html. To exploit this vulnerability, I used the following steps: Download an arbitrary MP3 file (I prefer something by

My WPS scan Results

Project 7 - WordPress Pentesting. Pentesting Report. Time spent: 9 hours spent in total because I couldn't get it up and running in VBox. Objective: Find, analyze, recreate, and document six vulnerabilities affecting an old version of WordPress. Table of Contents: List of Vulnerabilities found. -[!] Title: WordPress 4.2-4.7.2 - Press This CSRF DoS. -[!] Title: WordPress 2.3-4

Project 7 - WordPress Pentesting. Time spent: 3 hours spent in total. Objective: Find, analyze, recreate, and document three vulnerabilities affecting an old version of WordPress. Authenticated Stored Cross-Site Scripting - CVE-2015-5622. Summary: Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script

Project 7 - WordPress Pentesting (CSE 4253)

Project 7 - WordPress Pentesting. Time spent: 3 hours spent in total. Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress. Pentesting Report: CVE-2016-7168. Summary: Vulnerability types: XSS. Tested in version: 4.2. Fixed in version: 4.6.1. Steps to recreate: Create an image with a name containing something like <