Reflected XSS at yaman.olx.ph

Description of the Vulnerability ==================== Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. Vulnerable endpoint with Payload -------------------------------- ``` http://yaman.olx.ph/wp-content/themes/twentyfifteen/genericons/example.html#<img/src/onerror=alert(123)> ``` Recommended Fix ------------------------------------ Upgrade to the latest Wordpress Version or simply delete example.html from twentyfifteen theme.