| Title: Reflected XSS in wordpress plugin edik-enhanced-image-editor v0.1.2 |
| Author: Larry W. Cashdollar, @_larry0 |
| Date: 2016-02-09 |
| Download Site: https://wordpress.org/plugins/edik-enhanced-image-editor |
| Downloads: 7067 |
| Vendor Notified: 2016-02-09 |
| Export: Json |
| Vendor Contact: plugins@wordpress.org |
| Plugin Name: edik-enhanced-image-editor |
| Vulnerability: There is a reflected XSS vulnerability in the following php code ./edik-enhanced-image-editor/edik.php:
165: $('<input type="button" value="Extended image edit" class="button edik-wp-extended-edit" data-src="<?php echo get_site_url(); ?>/wp-admin/admin-ajax.php?action=edik_get_editor_content&image=<?php echo $_GET["post"]; ?>">').insertAfter(standard_btn);
The variable post appears to send unsanitized data back to the users browser.
|
| CVE-ID: Not Released |
| File:./edik-enhanced-image-editor/edik.php |
| Exploit Code: Exploit was derived from appearance of first vulnerable parameter in code, there could be more shown above.
|