Home / os / winmobile

WordPress WP Job Manager 1.26.1 Cross Site Scripting

Posted on 15 June 2017

# Exploit Title: Stored Cross-Site Scripting in WP Job Manager # Date: 2017-06-15 # Exploit Author: 0xCode Security Lab , Ehsan Hosseini # Software Link: https://wordpress.org/plugins/wp-job-manager/ http://wpjobmanager.com/ # Version: 1.26.1 # Contact: info@0xcode.ir 0xCode Lab ID: --------------- 0xC-201706-001 Introduction: ------------- WP Job Manager is a lightweight job listing plugin for adding job-board like functionality to WordPress sites. A Stored Cross-Site Scripting vulnerability was found in the WP Job Manager WordPress Plugin. Proof of Concept (PoC): ------------------------ 1.From 'Job Listings' menu select 'Add New' http://localhost/wordpress/wp-admin/post-new.php?post_type=job_listing 2.Enter this payload for title of job <script>alert('Ehsan Hosseini - Xss Stored')</script> and other complete other fields... 3.Publish 4.Go the 'All jobs' 5.Boom Xss Executed. Disclosure Timeline: --------------------- 2017-06-09: Vulnerability found. 2017-06-10: Reported to vendor. 2017-06-12: Vendor responded, update released. 2017-06-15: Public Disclosure. Fix: ---- This issue fixed in WP Job Manager 1.26.2 References: ------------ https://github.com/Automattic/WP-Job-Manager/pull/1026 https://wordpress.org/support/topic/wp-job-manager-1-26-2-released/ Credits & Authors: ------------------ 0xCode Security Lab , Ehsan Hosseini

 

TOP