####################################################
# Exploit Title: Wordpress Content text slider on post Stored XSS
# Date: 2015/dec/27
# Exploit Author: ALIREZA_PROMIS
# Vendor Homepage: https://wordpress.org/plugins/content-text-slider-on-post/
# Software Link: https://downloads.wordpress.org/plugin/content-text-slider-on-post.zip
# Version: 6.8
# Tested on: windows 7 / FireFox
####################################################

#Exploitation :
For Exploiting This Vulnerability You Should Install Content text slider on post
Add details : http://site/wp-admin/options-general.php?page=content-text-slider-on-post&ac=add
In "Title" or "Message/Content" text area Can Input Place Your JavaScript Code and click on "insert Details" .
Execute javascript Codes here :
http://site//wp-admin/options-general.php?page=content-text-slider-on-post

{ you can steal admin cookie with moderator access }


####################################################
# http://iransec.net/forums
#  Mr.Moein  , sheytan azzam , Mr.PERSIA  , HellBoy.Blackhat
#   Jok3r ,  Kamran Helish ,  Dr.RooT ,Sajjad sotudeh
#
#
# [+] fb.com/alirezapomis.blackhat
# [+] https://telegram.me/pr0mis
####################################################