CVE-2016-1000149
published 2016-10-10CVE-2016-1000149: Reflected XSS in wordpress plugin simpel-reserveren v3.5.2
PriorityP278medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
3.98%
89.2th percentile
Reflected XSS in wordpress plugin simpel-reserveren v3.5.2
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| simpel-reserveren_project | simpel-reserveren | <= 3.5.2 | — |
Detection & IOCsextracted from sources · hover to see the quote
url/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E↗
- →Probe for CVE-2016-1000149 by sending a GET request to the vulnerable endpoint with XSS payload in the `page` parameter; a vulnerable host will reflect `alert(document.domain)` in the HTML body with a 200 OK and Content-Type: text/html response. ↗
- →Confirm plugin presence before exploitation by checking that `/wp-content/plugins/simpel-reserveren/readme.txt` contains both the strings `Simpel Reserveren` and `Tags:`. ↗
- →The reflected XSS payload is URL-encoded in the `page` GET parameter of edit.php; detection should look for the decoded payload `</script><script>alert(document.domain)</script>` reflected in the response body. ↗
- ·The vulnerability affects simpel-reserveren plugin version 3.5.2 and below; version 3.5.3 and above are reported as patched. ↗
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vulncheck6.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-cm69-2jqv-j434: Reflected XSS in wordpress plugin simpel-reserveren v3
ghsa_unreviewed·2022-05-17
CVE-2016-1000149 [MEDIUM] CWE-79 GHSA-cm69-2jqv-j434: Reflected XSS in wordpress plugin simpel-reserveren v3
Reflected XSS in wordpress plugin simpel-reserveren v3.5.2
VulnCheck
simpel-reserveren_project simpel-reserveren Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
vulncheck·2016·CVSS 6.1
CVE-2016-1000149 [MEDIUM] simpel-reserveren_project simpel-reserveren Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
simpel-reserveren_project simpel-reserveren Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Reflected XSS in wordpress plugin simpel-reserveren v3.5.2
Affected: simpel-reserveren_project simpel-reserveren
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.f5.com/labs/articles/threat-intelligence/sensor-intel-series-top-cves-august-2024; https://www.f5.com/labs/articles/threat-intelligence/botpoke-scanner-switches-ip
No detection rules found.
Nuclei
WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting
nuclei·CVSS 6.1
CVE-2016-1000149 [MEDIUM] WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting
WordPress Simpel Reserveren =3.5.3) or apply a patch provided by the vendor to fix the XSS vulnerability.
reference:
- https://wordpress.org/plugins/simpel-reserveren
- http://www.vapidlabs.com/wp/wp_advisory.php?v=474
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000149
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2016-1000149
cwe-id: CWE-79
epss-score: 0.07335
epss-percentile: 0.91714
cpe: cpe:2.3:a:simpel-reserveren_project:simpel-reserveren:*:*:*:*:*:wordpress:*:*
metadata:
max-request: 2
vendor: "simpel-reserveren_project"
product: "simpel-reserveren"
framework: wordpress
tags: cve2016,cve,wordpress,xss,wp-plugin,simpel-reserveren_project
No writeups or analysis indexed.
2016-10-10
Published
Exploited in the wild