Title: Reflected XSS in wordpress plugin mal-membership v0.0.5.6
Author: Larry W. Cashdollar, @_larry0
Date: 2016-02-09
Download Site: https://wordpress.org/plugins/mal-membership
Downloads: 979
Vendor Notified: 2016-02-09
Vendor Contact: plugins@wordpress.org
Plugin Name: mal-membership
Vulnerability: There is a reflected XSS vulnerability in the following PHP code in ./mal-membership/includes/mal_membership_contest.php:
Line 213: <div><input type="file" size="30" name="contest_small_image" value="<?php echo $_POST['contest_small_image']; ?>"></div>
Line 234: <div><input type="file" size="30" name="contest_large_image" value="<?php echo $_POST['contest_large_image']; ?>"></div>
The POST parameters contest_small_image and contest_large_image are echoed into the value attribute without sanitization or escaping, so attacker-controlled input submitted via a POST request is reflected back into the user's browser.
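To make the fix concrete, here is an added example (not code from the mal-membership plugin or its author) that puts the vulnerable echo pattern from the two lines above beside a hardened version. It assumes WordPress's esc_attr() for attribute-context escaping and defines a stand-in built on htmlspecialchars() so the script also runs outside WordPress; the helper names and the sample POST value are constructed for the demonstration.

```php
<?php
// Added example: the reflected-XSS sink from mal_membership_contest.php
// (lines 213/234) next to a hardened form. Not the plugin's own code.

// Stand-in for WordPress's esc_attr() so this runs outside WordPress;
// inside WordPress the real esc_attr() is defined and this block is skipped.
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}

// Vulnerable pattern: the raw POST value is concatenated into an attribute.
// A value containing a double quote closes the attribute and lets the rest of
// the input become markup, which is exactly the reflection the advisory reports.
function render_image_field_vulnerable(array $post, string $name): string {
    $value = $post[$name] ?? '';
    return '<div><input type="file" size="30" name="' . $name
         . '" value="' . $value . '"></div>';
}

// Hardened pattern: escape for the HTML attribute context at the point of output.
// esc_attr() turns ", ', <, > and & into entities, so the value can no longer
// terminate the attribute or introduce tags.
function render_image_field_safe(array $post, string $name): string {
    $value = isset($post[$name]) ? esc_attr($post[$name]) : '';
    return '<div><input type="file" size="30" name="' . $name
         . '" value="' . $value . '"></div>';
}

// Constructed sample input standing in for $_POST: a value that tries to
// close the attribute and inject an element.
$sample = ['contest_small_image' => '"><b>injected</b>'];

echo "Vulnerable output:\n";
echo render_image_field_vulnerable($sample, 'contest_small_image'), PHP_EOL;
echo "Hardened output:\n";
echo render_image_field_safe($sample, 'contest_small_image'), PHP_EOL;
```

In the vulnerable output the injected <b> element appears as live markup outside the attribute; in the hardened output the whole value stays inside the attribute as entities. Note also that browsers ignore a pre-set value on an input of type "file", so the simplest fix for these two lines is to drop the echo altogether, and any remaining reflected values must go through esc_attr() (or the appropriate esc_* function for their context) before output.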
CVE-ID: Not Released
File: ./mal-membership/includes/mal_membership_contest.php
Exploit Code: The finding was derived from the first occurrence of a vulnerable parameter in the code; there may be further instances beyond the two shown above.