cbcvebase.
CVE-2016-1000149
published 2016-10-10

CVE-2016-1000149: Reflected XSS in wordpress plugin simpel-reserveren v3.5.2

PriorityP278medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
3.98%
89.2th percentile
Reflected XSS in wordpress plugin simpel-reserveren v3.5.2

Affected

1 ranges
VendorProductVersion rangeFixed in
simpel-reserveren_projectsimpel-reserveren<= 3.5.2

Detection & IOCsextracted from sources · hover to see the quote

url/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
path/wp-content/plugins/simpel-reserveren/edit.php
  • Probe for CVE-2016-1000149 by sending a GET request to the vulnerable endpoint with XSS payload in the `page` parameter; a vulnerable host will reflect `alert(document.domain)` in the HTML body with a 200 OK and Content-Type: text/html response.
  • Confirm plugin presence before exploitation by checking that `/wp-content/plugins/simpel-reserveren/readme.txt` contains both the strings `Simpel Reserveren` and `Tags:`.
  • The reflected XSS payload is URL-encoded in the `page` GET parameter of edit.php; detection should look for the decoded payload `</script><script>alert(document.domain)</script>` reflected in the response body.
  • ·The vulnerability affects simpel-reserveren plugin version 3.5.2 and below; version 3.5.3 and above are reported as patched.

CVSS provenance

nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vulncheck6.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.