The worpdress pretty photo plugin appears to be vulnerable to a DOM based
xss, unlike other XSS, dom based xss occurs on the client side, thus
leaving all the server side defenses worthlesss. The issue occurs inside
where the source (User supplied input) is passed through a vulnerable sink
(Anything that creates/writes) without sanitsing/escaping the user supplied
Line 623: hashIndex = getHashtag();
Inside the line 623, we see a variable hashIndex which calls th e
getHashtag() function, which is responsible for returning the user
supplied values after the hash.
Finally we have the above line which is responsible for the cause of the
dom based xss, the $("a[rel^='" + hashRel + "']:eq(" + hashIndex + ")
writes the user supplied input to the dom without sanitising the input.