[wp-trac] [WordPress Trac] #22861: Wordpress 3.5 - Cross Site Scripting Vulnerability
WordPress Trac
noreply at wordpress.org
Tue Dec 11 21:18:58 UTC 2012
#22861: Wordpress 3.5 - Cross Site Scripting Vulnerability
-----------------------------+--------------------------
Reporter: shubhammittal01 | Type: defect (bug)
Status: new | Priority: normal
Milestone: Awaiting Review | Component: General
Version: 3.5 | Severity: normal
Keywords: |
-----------------------------+--------------------------
Hi, my name is Shubham Mittal. I have found a bug in the new WordPress (latest
version, 3.5). This bug is Cross Site Scripting.
[XSS] New Wp-Post
Exploit Title: CMS Wordpress - XSS Vulnerability
Author : Shubham Mittal
E-mail : upgoingstaar at gmail.com
Webpage: http://3ncrypt0r.blogspot.com
Version CMS : Version 3.5 (Last Version)
Category : WebApps / Content Management System (CMS)
Security Risk: Medium Level
Link Download: http://www.wordpress.org/
Tested On : Mozilla Firefox + WAMP + Windows 7 64 Bit
[Information Content]
WordPress - Web Publishing Software. http://www.wordpress.org/
[Vulnerability Details]
XSS CODE:
<script>alert("XSSedByShubham")>
</script<script>alert(document.cookie);</script>
<script>window.open("http://www.google.com/")</script>
Exploit Report:
1. Create / edit a WP post.
Enter the XSS code as the post title:
<script>alert("XSSedByShubham")</script>
2. http://example.com/wp-admin/post-new.php <--- Publish it
3. View the XSS: an alert box will pop up at http://example.com/?p=xxx <-- XSSed
[[Image(http://4.bp.blogspot.com/-zNKPa-mQPEc/UMejBt8a3HI/AAAAAAAABQQ/HsG9RQnRwlg/s1600/post+xss.jpg)]]
Thanks
Shubham Mittal
@upgoingstar
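The steps above walk through the one question a reviewer of this report will ask first: which account entered the title? WordPress runs its kses allowlist filter on a post title at save time (the title_save_pre filter) only for users who lack the unfiltered_html capability, and a default single-site install grants that capability to Administrators and Editors; the_title() then prints whatever was stored, leaving escaping to the theme. The ticket does not state the role of the test account. The following Python script is an added example, not the reporter's code and not WordPress code: it models that save-then-render path with an assumed role table and a toy kses-style allowlist sanitizer (stand-ins, not wp_kses()), and runs the ticket's payload through it for each role.

```python
"""Added example: models where a <script> in a post title is, or is not,
stopped. The role table and the sanitizer are simplified assumptions so the
script runs offline; they are not WordPress's own wp_kses() or role tables."""
import html
from html.parser import HTMLParser

# Assumed role -> capability table. A default single-site WordPress grants
# unfiltered_html to Administrator and Editor; lower roles get kses filtering.
ROLE_CAPS = {
    "administrator": {"unfiltered_html", "publish_posts"},
    "editor":        {"unfiltered_html", "publish_posts"},
    "author":        {"publish_posts"},
    "contributor":   set(),
}

ALLOWED_TAGS = {"em", "strong", "code", "a"}           # toy allowlist (assumption)
ALLOWED_ATTRS = {"a": {"href", "title"}}
SAFE_HREF_PREFIXES = ("http://", "https://", "/", "#")


class AllowlistSanitizer(HTMLParser):
    """kses-style filter: disallowed tags are stripped but their inner text is
    kept (so <script>alert(1)</script> becomes alert(1)). Entities are passed
    through verbatim so &lt;script&gt; can never be turned back into a tag."""

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return                                       # tag dropped, text kept
        parts = [tag]
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue                                 # drops onclick=, style=, ...
            if name == "href" and not (value or "").lower().startswith(SAFE_HREF_PREFIXES):
                continue                                 # drops javascript: URLs
            parts.append(name if value is None
                         else f'{name}="{html.escape(value, quote=True)}"')
        self.out.append("<" + " ".join(parts) + ">")

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")
    # comments, doctypes and <![CDATA[ sections fall through to the no-op defaults


def sanitize(markup):
    parser = AllowlistSanitizer()
    parser.feed(markup)
    parser.close()
    return "".join(parser.out)


def save_title(raw_title, role):
    """Stand-in for the title_save_pre step: a user with unfiltered_html stores
    the title verbatim; everyone else goes through the allowlist filter."""
    if "unfiltered_html" in ROLE_CAPS[role]:
        return raw_title
    return sanitize(raw_title)


def render_raw(stored_title):
    """Theme doing <h1><?php the_title(); ?></h1>: nothing escaped on output."""
    return f"<h1>{stored_title}</h1>"


def render_escaped(stored_title):
    """Theme doing <h1><?php echo esc_html(get_the_title()); ?></h1>: safe even
    for verbatim titles, at the cost of showing allowed tags as literal text."""
    return f"<h1>{html.escape(stored_title, quote=True)}</h1>"


def contains_script_tag(markup):
    return "<script" in markup.lower()


if __name__ == "__main__":
    payload = '<script>alert("XSSedByShubham")</script>'   # the ticket's payload
    for role in ROLE_CAPS:
        stored = save_title(payload, role)
        fires = contains_script_tag(render_raw(stored))
        print(f"{role:14} stored={stored!r:45} script reaches page={fires}")
```

Running it prints one row per role: the administrator and editor rows store the payload verbatim and the raw-rendering theme emits it into the page, while the author and contributor rows store only the text alert("XSSedByShubham"). The escaped renderer neutralises the verbatim title as well, which is the check to reproduce before treating a title-based script as more than a capability question: repeat the ticket's steps with an account that lacks unfiltered_html, and inspect the stored title rather than only the rendered page.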
--
Ticket URL: <http://core.trac.wordpress.org/ticket/22861>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software