###################### # Exploit Title : WP Fast Cache 1.4 and below CSRF Stored/Reflected XSS # Exploit Author : Claudio Viviani # Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 (Full HomelabIT Vulns Archive) # Vendor Homepage : https://wordpress.org/plugins/wp-fast-cache/ # Software Link : https://downloads.wordpress.org/plugin/wp-fast-cache.1.4.zip # Dork Google: index of wp-fast-cache # Date : 2015-05-11 # Tested on : Windows 7 / Mozilla Firefox # Linux / Mozilla Firefox ###################### # Info: WP Fast Cache is vulnerable to CSRF attacks, which can also be combined with stored/reflected XSS attacks (authenticated administrators only). # PoC Exploit: Click Here
wp_fast_cache_bulk_action_url var was not sanitized! # PoC Video: http://youtu.be/Z7kV3aWE6mU Discovered By : Claudio Viviani http://www.homelab.it http://archive-exploit.homelab.it/1 (Full HomelabIT Vulns Archive) http://ffhd.homelab.it (Free Fuzzy Hashes Database) info@homelab.it homelabit@protonmail.ch https://www.facebook.com/homelabit https://twitter.com/homelabit https://plus.google.com/+HomelabIt1/ https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww #####################