#Product : Echosign Plugin
#Exploit Author : Rahul Pratap Singh
#Version :1.1
#Home page Link : https://wordpress.org/plugins/
#Website : 0x62626262.wordpress.com
#Linkedin : https://in.linkedin.com/in/
#Date : 21/4/2016
XSS Vulnerability:
------------------------------
Description:
------------------------------
"Page" and "id" parameters are not sanitized that leads to XSS
Vulnerability.
------------------------------
Vulnerable Code:
------------------------------
File Name: testfiles/echosign/inc.php
Found at line:199
<input type="hidden" name="page" value="<?php echo $_REQUEST['page']; ?>" />
File Name: testfiles/echosign/templates/
Found at line:31
<input type = 'hidden' name = 'id' value = '<?php echo $_REQUEST['id'];
?>'>
------------------------------
Fix:
No fix Available
Vulnerability Disclosure Timeline:
→ March 03, 2016 – Bug discovered, initial report to WordPress.
→ March 07, 2016 – No, response. Report sent again.
→ March 08, 2016 – WordPress Acknowledged. Plugin taken down.
→ April 21, 2016 – Plugin still down. No patch available.
Pub Ref:
https://0x62626262.wordpress.
https://wordpress.org/plugins/
Komentarų nėra:
Rašyti komentarą