exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

WordPress Ninja Forms 2.8.8 Cross Site Scripting

WordPress Ninja Forms 2.8.8 Cross Site Scripting
Posted Feb 12, 2015
Authored by Sergio Navarro

WordPress Ninja Forms plugin version 2.8.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d9cdb4289101f87321d12ef9895293720a72dd17e96f746e1a95667c4dc179cb

WordPress Ninja Forms 2.8.8 Cross Site Scripting

Change Mirror Download
============================================================
- Title: Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability
- Vulnerable Version: 2.8.8 and probably prior
-Tested Version:2.8.8
- Vendor Notification: 20 November 2014
- Vendor Patch: 20 November 2014
-Vulnerability Type: Cross-Site Scripting [CWE-79]
-CVE Reference: TBC
- Discovered by: Sergio Navarro of Dionach
- - ============================================================

VULNERABILITY
Two XSS vulnerabilities have been discovered in Ninja Forms WordPress plugin which can be exploited against administrators of WordPress (with the vulnerable plugin) to perform Cross-Site Scripting
1) Reflected XSS
The issue was found in the success notification message that the Ninja Forms plugin displays in users’ browser after users submit their details successfully through the plugin contact form. Anonymous attackers could use the vulnerability to take control of the victim’s browser or steal other users' sessions and so access their personal details.
Proof of concept:
POST http://www.example.com/wp-admin/admin-ajax.php?action=ninja_forms_ajax_submit
[…]
ninja_forms_field_1=<b onmouseover=alert('XSS!')>TEST</b>
[…]

--------------------------------------------------------------------------------------------------------------------------------------
2)Stored XSS
This issue was exploited when administrator users with access to the Ninja Forms submissions list attempt to edit the user submitted values. A malicious administration can hijack other users’ session, take control of another administrator’s browser or install malware on their computer.
Proof of concept:
POST http://www.example.com/wp-admin/post.php
fields[1]=<b+onmouseover=alert('XSS!')>TEST</b>
-===========================================================================
SOLUTION:
Update to Ninja Forms 2.8.11 which includes a fix for this vulnerability
-===========================================================================
Credits: Sergio Navarro of Dionach
Login or Register to add favorites

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    49 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close