==============================
Product: Wordfence Firewall Plugin For Wordpress
Vendor: Wordfence
Vulnerable Version(s): 5.1.2
Tested Version: 5.1.2
Advisory Publication: June 30, 2014 [without technical details]
Vendor Notification: June 24, 2014
Vendor Patch: June 29, 2014
Public Disclosure: June 30, 2014
Vulnerability Type:Reflected Cross-Site Scripting
CVE Reference: CVE-2014-4664
Risk Level: High
Solution Status: Fixed by Vendor
------------------------------
Reported By - Narendra Bhati ( R00t Sh3ll)
Security Analyst @ Suma Soft Pvt. Ltd. ( IT Risk & Security Management Services , Pune ( India)
Facebook - https://facebook.com/
twitter - https://www.twitter.com/
Blog - http://hacktivity.websecgeeks.
Email - bhati.contact@gmail.com
------------------------------
Advisory Details:
Narendra Bhati discovered vulnerability in Wordfence Firewall Plugin For Wordpress , which can be exploited to perform Cross-Site Scripting (XSS) attacks.
1) Reflected Cross-Site Scripting (XSS) in Wordfence Firewall Plugin For Wordpress : CVE-2014-4664
The vulnerability exists due to insufficient sanitization of input data passed via the "whoisval" HTTP GET parameter to "http://127.0.0.1/wp-admin/
This vulnerability can be used against website administrator to perform phishing attacks, steal potentially sensitive data and gain complete control over web application.
The exploitation example below uses the "";</script><script>alert(/
http://127.0.0.1/wp-admin/
------------------------------
Solution:
Update to " 5.1.4" From his official website or update from wordpress dashboard
More Information:
Vendor Public Advisory
http://www.wordfence.com/blog/
Full Disclosure With Technical Details - http://hacktivity.websecgeeks.
Komentarų nėra:
Rašyti komentarą