| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <201504211805.t3LI5b60010146@sf01web2.securityfocus.com> Date: Tue, 21 Apr 2015 18:05:37 GMT From: kumarrohit2255@...il.com To: bugtraq@...urityfocus.com Subject: Stored Cross Site Scripting Vulnerability in Add Link to Facebook WordPress Plugin Title: Stored XSS Vulnerability in Add Link to Facebook Wordpress Plugin Author: Rohit Kumar Plugin Homepage: http://wordpress.org/extend/plugins/add-link-to-facebook/ Severity: Medium Version Affected: Version 1.215 and mostly prior to it. Version Tested: Version 1.215 Version Patched : 1.215 Description: Vulnerable Parameter 1. App ID 2. App Secret 3. Custom Picture URL 4. Default Picture URL 5. URL News Feed Icon About Vulnerability This plugin is vulnerable to Stored Cross Site Scripting Vulnerability. This issue was exploited when user accessed to “Add Link to Facebook” Settings in Wordpress with Administrator privileges. A malicious administrator can hijack other user’s sessions, take control of another administrator’s browser or install malware on their computer. Vulnerability Class: Cross Site Scripting (https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_Scripting_(XSS)) Steps to Reproduce: After installing the plugin:  Goto Settings All in One Facebook  Input this payload in “App ID” :- “><script>alert(1)</script>  Click on the Save button.  After reloading the page you will see a Pop Up Box with 1 written on it.  Reload the page again to make sure it’s stored. Change Log https://wordpress.org/plugins/add-link-to-facebook/changelog/ Disclosure 09th March 2015
Powered by blists - more mailing lists