WordPress ABC-Test 0.1 Cross Site Scripting

2012-09-26T00:00:00
ID PACKETSTORM:116897
Type packetstorm
Reporter Scott Herbert
Modified 2012-09-26T00:00:00

Description

                                        
                                            `This effects version 0.1 of abc-test the hole is fixed in version 0.2  
  
---------  
Affected products:  
---------  
  
Product : wordpress plugin abc-test  
Affected file: abctest_config.php  
  
----  
Details:  
----  
  
The file abctest_config.php does not sanitize the input from $_GET ['id']  
effectively. This allows a user to launch a cross site scripting attack  
against this file. While the effectiveness of such an attack is somewhat  
limited by the wordpress platform adding \ to quotes, it still may be  
possible to inject cookie stealing objects (flash files for example).  
  
Example code:  
  
http://localhost/blog/wp-admin/admin.php?page=abctest&do=edit&id=%22%3E%3Ch1  
%3EXSS%3C/h1  
  
-------  
Suggested fix:  
-------  
  
Sanitize the $_GET super global.  
  
----  
Timeline:  
----  
  
24-Sept-2012 Vendor and wordpress informed.  
25-Sept-2012 Vendor confirmed the security issue and patched.  
26-Sept-2012 Public release of the vulnerability, via the full disclosure  
and  
http://scott-herbert.com/blog/2012/09/26/xss-vulnerability-in-wordpress-plug  
in-abc-test-1107  
  
  
  
  
  
`