wp-plugin : fixedly – A3-Cross-Site Scripting (XSS)

 

Plugin Details

Plugin Name : fixedly

Affected Version : 1.3.1 (and most probably lower versions, if any)

Vulnerability : A3-Cross-Site Scripting (XSS)

Identified by : Anant Shrivastava


Technical Details


Minimum Level of Access Required : Unauthenticated

PoC - (Proof of Concept) :

http://localhost/wp-content/plugins/fixedly/pages/create_template_page.php?template_id="><script>alert(document.cookie)</script>&

Vulnerable Parameter : template_id

Type of XSS : Reflected


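A hardened version of the reflection, as an added example that is not the plugin's code: it accepts template_id only when it is one of the nine numbered templates listed in the plugin description below, and escapes the value for the attribute context it is echoed into (the `">` prefix of the PoC shows the parameter lands inside an attribute value). The hidden-input markup and the fallback to template 1 are assumptions; in a WordPress plugin, absint() and esc_attr() are the conventional equivalents of the plain-PHP calls used here.

```php
<?php
// Added example (not the plugin's code). Assumption: create_template_page.php
// echoes template_id into an HTML attribute; the real markup is not on this page.

// The plugin description lists nine numbered templates; accept only those.
const VALID_TEMPLATE_IDS = [
    1 => 'default', 2 => 'default_thumbnails', 3 => 'content_left',
    4 => 'content_right', 5 => 'content_top', 6 => 'content_bottom',
    7 => 'content_left_thumbnails', 8 => 'content_right_thumbnails', 9 => 'gallery',
];

/**
 * Validate the raw query value. Returns the integer id, or null when the
 * value is not one of the known templates (WordPress idiom: absint()).
 */
function validate_template_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 9]]);
    return ($id !== false && isset(VALID_TEMPLATE_IDS[$id])) ? $id : null;
}

/**
 * Render the hidden field. Validation already rejects non-integers, but the
 * value is still escaped for the attribute context (WordPress: esc_attr()),
 * so output encoding does not depend on upstream validation staying intact.
 */
function render_template_field($raw): string
{
    $id = validate_template_id($raw);
    if ($id === null) {
        // Unknown template: fall back to template 1 ("default") rather than
        // echoing the untrusted input back inside an error message.
        $id = 1;
    }
    $safe = htmlspecialchars((string) $id, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<input type="hidden" name="template_id" value="' . $safe . '">';
}

// Demo on constructed inputs: a valid id, an attribute-breakout string, an
// out-of-range number. Only "4" reaches the markup unchanged.
foreach (['4', '">notanumber', '42'] as $input) {
    echo render_template_field($input), PHP_EOL;
}
```
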
Disclosure Timeline


Vendor Contacted : 2014-01-04

Plugin Status : Closed

Public Disclosure : July 7, 2014

CVE Number : Not assigned yet

Plugin Description :

Fixedly Media Gallery is a WordPress plugin that helps you create and integrate your next video, image or
slideshow gallery into your pages and posts, easily and quickly. Within 3 easy steps you can create and insert a gallery into your next post.
Check out our [Screencast page](http://www.fixedly.net/screencasts/ "Screencast page") to learn more about how to use the plugin.

Be sure that you have `` function included into your WordPress theme header file otherwise the Fixedly Media Gallery won't work.

= Shortcode =

[fixedly-media-gallery]

= Options =

* *id* - the ID of the gallery you want to insert (**required**)
* *template_id* - overwrite the default gallery template (optional)

(e.g. if you would like to have the same gallery on different pages with a different template style)

1 - default, 2 - default_thumbnails, 3 - content_left, 4 - content_right, 5 - content_top, 6 - content_bottom, 7 - content_left_thumbnails, 8 - content_right_thumbnails, 9 - gallery

= Examples =

`[fixedly-media-gallery id="1"]`
`[fixedly-media-gallery id="1" template_id="4"]`

= PHP Code =

Here is the code if you want to add the gallery directly into your PHP templates.

``

Another way to add gallery into your PHP templates is by using the `` function.

``
