Recently Ricardo Sanchez disclosed a reflected cross-site scripting (XSS) vulnerability in the plugin SagePay Server Gateway for WooCommerce. When we went to test that out while adding the vulnerability to our data set, we noticed a strange result. The proof-of-concept URL was
/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=</script>"><script>alert("R1XS4.COM")</script>
but after the reflected cross-site scripting happened, the URL changed to
/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/</script>
Looking at the
Source: Security Feed