WP-UserOnline version 2.62 for WordPress suffers from cross site scripting and path disclosure vulnerabilities.
845bc8f932e09972857e67fe40b616f0b30506ccbc8eff49b7c34008fb49efbbHello Bugtraq!
I want to warn you about security vulnerabilities in plugin WP-UserOnline
for WordPress.
-----------------------------
Advisory: Vulnerabilities in WP-UserOnline for WordPress
-----------------------------
URL: http://websecurity.com.ua/4177/
-----------------------------
Affected products: WP-UserOnline 2.62 and previous versions.
-----------------------------
Timeline:
26.04.2010 - found vulnerabilities.
30.04.2010 - announced at my site.
01.05.2010 - informed developer.
07.05.2010 - developer released WP-UserOnline 2.70. In version 2.70 the
developer fixed XSS, but not Full path disclosure vulnerabilities.
01.07.2010 - disclosed at my site.
-----------------------------
Details:
These are Cross-Site Scripting and Full path disclosure vulnerabilities.
XSS:
With help of special request to the site it's possbile to conduct XSS
attack. For this it's needed to send GET request in special way (not in
browser) to page http://site/?<script>alert(document.cookie)</script>.
This is persistent XSS. Vulnerability appears at page
http://site/wp-admin/index.php?page=wp-useronline.
Full path disclosure:
http://site/wp-content/plugins/wp-useronline/admin.php
http://site/wp-content/plugins/wp-useronline/widget.php
http://site/wp-content/plugins/wp-useronline/wp-stats.php
http://site/wp-content/plugins/wp-useronline/wp-useronline.php
http://site/wp-content/plugins/wp-useronline/scb/Widget.php
http://site/wp-content/plugins/wp-useronline/scb/load.php
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed