| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <002301cc17b6$4b0a1360$9b7a6fd5@ml> Date: Sat, 21 May 2011 15:53:51 +0300 From: "MustLive" <mustlive@...security.com.ua> To: <submissions@...ketstormsecurity.org>, <full-disclosure@...ts.grok.org.uk> Subject: Vulnerabilities in Easy Contact for WordPress Hello list! I want to warn you about Insufficient Anti-automation, Abuse of Functionality and Cross-Site Scripting vulnerabilities in plugin Easy Contact for WordPress. ------------------------- Affected products: ------------------------- Vulnerable are Easy Contact 0.1.2 and previous versions. ---------- Details: ---------- Insufficient Anti-automation (WASC-21): Lack of captcha at contact page allows to send automated messages (particularly spam) to admin of the site. Captcha is turned off by default and the type of text captcha Challenge Question is not reliable, because the value is fixed. Abuse of Functionality (WASC-42): At contact page it's possible to send spam via function Carbon Copy (Email yourself a copy). Which is turned on by default and leads to that it's possible to send spam via the site as to admin, as to arbitrary emails. And with using of Insufficient Anti-automation vulnerability it's possible to send automatically spam from the site on a large scale. Exploit: http://websecurity.com.ua/uploads/2011/Easy%20Contact%20Abuse%20of%20Functionality.html XSS (WASC-08): Exploits: http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS.html http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS-2.html http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS-3.html http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS-4.html ------------ Timeline: ------------ 2011.04.01 - announced at my site. 2011.04.03 - informed developers. 2011.05.20 - disclosed at my site. I mentioned about these vulnerabilities at my site (http://websecurity.com.ua/5055/). Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists