Reporter Scott Herbert
`This effects version 0.1 of abc-test the hole is fixed in version 0.2
Product : wordpress plugin abc-test
Affected file: abctest_config.php
The file abctest_config.php does not sanitize the input from $_GET ['id']
effectively. This allows a user to launch a cross site scripting attack
against this file. While the effectiveness of such an attack is somewhat
limited by the wordpress platform adding \ to quotes, it still may be
possible to inject cookie stealing objects (flash files for example).
Sanitize the $_GET super global.
24-Sept-2012 Vendor and wordpress informed.
25-Sept-2012 Vendor confirmed the security issue and patched.
26-Sept-2012 Public release of the vulnerability, via the full disclosure