Full title: WordPress Plugin WP-UserOnline Persistent XSS vulnerability 
Category: web applications
Platform: php
This perl exploit I've developed at 26.04.2010.

As I've wrote earlier, vulnerable are WP-UserOnline 2.62 and previous versions. After my informing the developer released WP-UserOnline 2.70 (at 07.05.2010). In version 2.70 he fixed XSS, but not Full path disclosure vulnerabilities.

# 0day.today @ http://0day.today/