Title: WordPress 'Sliding Social Icons' plugin - CSRF/XSS Version: 1.61 Reported by: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2014/12/12 Download: https://wordpress.org/plugins/sliding-social-icons/ Notified WordPress: 2014/11/27 ---------------------------------------------------------------- ## Description: ---------------------------------------------------------------- WordPress Sliding Widgets Plugin will help your to create a sliding icon list dynamically where you can place on your website. The icons slide into the screen when you hover over them. This plugin also allows you to enter a shortcode for a contact form or newsletter or any other shortcode, shows up in a sliding screen ## CSRF: ---------------------------------------------------------------- It is possible to change the plugins admin settings by tricking a logged in admin to visit a crafted page. ## Stored XSS: ---------------------------------------------------------------- Settings data from the admin page is stored unsanitized and shown on the plugin's admin page. This allows an attacker to perform XSS through the settings fields. PoC: Log in as admin and then submit the following form.



## Solution ---------------------------------------------------------------- No fix available. The plugin has been closed by WordPress until it is updated.