Under /wp-admin/admin.php?page=dealertrend_api#feeds
If you change Company ID to "><script>alert(1)</script> it will execute (may have to do it twice, not sure).
I'm pretty sure all fields here are exploitable to XSS, as well as SQLi. They're persistent, meaning you're also vulnerable to cookie stealing and such.
grok
commented
13 years ago
Under /wp-admin/admin.php?page=dealertrend_api#feeds
If you change Company ID to
"><script>alert(1)</script>it will execute (may have to do it twice, not sure).I'm pretty sure all fields here are exploitable to XSS, as well as SQLi. They're persistent, meaning you're also vulnerable to cookie stealing and such.