| Title: Wordpress plugin Reflected XSS in connections v8.5.8 |
| Author: Larry W. Cashdollar, @_larry0 |
| Date: 2016-01-26 |
| CVE-ID:[CVE-2016-0770] |
| CWE: |
| Download Site: https://wordpress.org/plugins/connections/ |
| Vendor: https://profiles.wordpress.org/shazahm1hotmailcom/ |
| Vendor Notified: 2016-01-28 |
| Vendor Contact: |
| Advisory: |
| Description: An easy to use directory plugin to create an address book, business directory, staff directory or church directory. |
| Vulnerability: Line 320 contains unfiltered user input for the search field being sent directly via echo back to the users browser via the ’s’ variable.
In file includes/admin/pages/manage.php
320: <input type="search" id="entry-search-input" name="s"
value="<?php if ( isset( $_GET['s'] ) && ! empty( $_GET['s'] ) ) echo
$_GET['s'] ; ?>" />
|
| Export: JSON TEXT XML |
| Exploit Code: |
| Screen Shots: |
| Notes: |
Larry W. Cashdollar
Larry Cashdollar
Larry W. Cashdollar vulnerability
Larry Cashdollar advisory