BID:51997

WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability

Info

WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability

Bugtraq ID:	51997
Class:	Input Validation Error
CVE:	CVE-2011-5082
Remote:	Yes
Local:	No
Published:	Feb 14 2012 12:00AM
Updated:	Mar 19 2015 07:35AM
Credit:	Chris Martin
Vulnerable:	WebSharks s2Member Pro 111216

Not Vulnerable:	WebSharks s2Member Pro 111220

Discussion

WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability

The s2Member Pro plugin for WordPress is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input.

Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible.

Versions prior to s2Member Pro 111220 are vulnerable.

Exploit / POC

WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability

Attackers can use a browser to exploit this issue.

Solution / Fix

WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability

Solution:
Vendor updates are available. Please see the references for more information.

References

WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability

References:

PCI Compliance Script Issues (Chris Martin)
s2Member Homepage (WebSharks)
s2Member Release Notes (WebShark)