Advisory: WordPress Plugin 'Types' Cross-Site Request Forgery & Stored Cross-site scripting vulnerability
Advisory ID: SSCHADV2013-005
Author: Stefan Schurtz
Affected Software: Successfully tested on Types
Vendor URL:
Vendor Status: fixed
CVE-ID: Requested

==========================
Vulnerability Description
==========================

The parameter 'skypename' of the WordPress plugin Types is prone to a CSRF and stored XSS vulnerability.

==================
PoC-Exploit
==================

OWASP CSRFTester Demonstration


=========
Solution
=========

Upgrade to the latest version

====================
Disclosure Timeline
====================

30-Mar-2013 - informed
04-Apr-2013 - fixed by developer

========
Credits
========

Vulnerability found and advisory written by Stefan Schurtz.

===========
References
===========