KhiZaRix Posted April 22, 2015 Report Share Posted April 22, 2015 Title: Stored XSS Vulnerability in Add Link to Facebook Wordpress PluginAuthor: Rohit KumarPlugin Homepage: http://wordpress.org/extend/plugins/add-link-to-facebook/Severity: MediumVersion Affected: Version 1.215 and mostly prior to it.Version Tested: Version 1.215Version Patched : 1.215Description:Vulnerable Parameter1. App ID2. App Secret3. Custom Picture URL4. Default Picture URL5. URL News Feed IconAbout VulnerabilityThis plugin is vulnerable to Stored Cross Site Scripting Vulnerability. This issue was exploited when useraccessed to Add Link to Facebook Settings in Wordpress with Administrator privileges. A maliciousadministrator can hijack other users sessions, take control of another administrators browser or installmalware on their computer.Vulnerability Class:Cross Site Scripting (https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_Scripting_(XSS))Steps to Reproduce:After installing the plugin: Goto Settings All in One Facebook Input this payload in App ID :- ><script>alert(1)</script> Click on the Save button. After reloading the page you will see a Pop Up Box with 1 written on it. Reload the page again to make sure its stored.Change Loghttps://wordpress.org/plugins/add-link-to-facebook/changelog/Disclosure09th March 2015Source: http://packetstorm.wowhacker.com/1504-advisories/wpfacebook-xss.txt Quote Link to comment Share on other sites More sharing options...
.thumb.jpg.29b1f7ae7dd9ad5a11e41a710722ba35.jpg)