WordPress Social Ring 1.1.9 Cross Site Scripting

2014-01-20T00:00:00
ID PACKETSTORM:124851
Type packetstorm
Reporter Ashiyane Digital Security Team
Modified 2014-01-20T00:00:00

Description

                                        
                                            `######################  
# Exploit Title : Wordpress social ring Cross Site Scripting  
# Exploit Author : Ashiyane Digital Security Team  
# Vulnerable version : 1.0 up to 1.1.9  
# Software Link :  
http://downloads.wordpress.org/plugin/wordpress-social-ring.1.1.9.zip  
# Date : 2014-01-18  
# Tested on : Windows 7  
  
# discovered by : ACC3SS  
  
######################  
#  
# Vulnerability code : <?php echo $_GET['url']; ?>  
#  
######################  
#  
# Location :  
localhost/wp-content/plugins/wordpress-social-ring/includes/share.php?url=[Xss]  
#  
######################  
`