WordPress I Love It XSS / Content Spoofing / Path Disclosure

2013-07-13T00:00:00
ID PACKETSTORM:122386
Type packetstorm
Reporter MustLive
Modified 2013-07-13T00:00:00

Description

                                        
                                            `Hello list!  
  
These are Cross-Site Scripting, Content Spoofing and Full path disclosure   
vulnerabilities in I Love It theme for WordPress. This is commercial   
(premium) theme.  
  
-------------------------  
Affected products:  
-------------------------  
  
All versions of I Love It theme for WordPress. The theme contains vulnerable   
versions of Audio Player and GDD FLVPlayer.  
  
-------------------------  
Affected vendors:  
-------------------------  
  
CosmoThemes  
http://cosmothemes.com  
  
----------  
Details:  
----------  
  
Cross-Site Scripting (WASC-08):  
  
http://site/wp-content/themes/iloveit/lib/php/assets/player.swf?playerID=%22))}catch(e){alert(document.cookie)}//  
  
Content Spoofing (WASC-12):  
  
http://site/wp-content/themes/iloveit/flv/gddflvplayer.swf  
  
There are 10 vulnerabilities in GDD FLVPlayer: 8 CS and 2 XSS. Which I   
announced recently (http://websecurity.com.ua/6642/) and informed developers   
of GDD FLVPlayer. These vulnerabilities will be disclosed later.  
  
Full path disclosure (WASC-13):  
  
http://site/wp-content/themes/iloveit/  
  
There are FPD vulnerabilities in index.php and other php-files (in folder   
and subfolders).  
  
------------  
Timeline:  
------------   
  
2013.05.24 - informed CosmoThemes about vulnerabilities in their I Love It   
New theme.  
2013.07.11 - disclosed at my site (http://websecurity.com.ua/6646/).  
2013.07.12 - informed developers about vulnerabilities in their I Love It   
theme.  
  
Best wishes & regards,  
MustLive  
Administrator of Websecurity web site  
http://websecurity.com.ua   
  
`