wp-plugin : flog – SSRF/XSPA


Plugin Details


Plugin Name : flog


Affected Version : 1.0beta3 (and most probably lower versions, if any)

Vulnerability : SSRF/XSPA
Identified by : Prajal Kulkarni



Technical Details


Minimum Level of Access Required : Unauthenticated


PoC - (Proof of Concept) :

1. Test for open port 80:
The “in_index” key value is “true” for open ports (see OpenPort80.png).
2. Test for open non-HTTP ports (such as SSH, FTP, SMTP):
For open non-HTTP ports the plugin displays a specific error, “Recv failure: Connection was reset”. With this error it is possible to assert that the port is open (see OpenPort22.png).
3. Test for closed port 21:
For closed non-HTTP ports the error message is: “Failed connect to scanme.nmap.org:21; No error” (see ClosedPort21.png).

The plugin is closed right now; however, it is still possible to download it from sf.net: http://sourceforge.net/projects/flog/
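
The three distinguishable responses above are what turn the fetch into a port-state oracle. The following is an added example, not the plugin's code: it assumes the fetch is done with cURL (as the quoted error strings suggest) and shows a wrapper that restricts targets and returns one generic error; `is_fetch_allowed` and `fetch_remote` are hypothetical names.

```php
<?php
// Added example, not flog's code; function names are hypothetical.
/** True only if the server may fetch $url (IPv4 only; fails closed). */
function is_fetch_allowed(string $url): bool
{
    $p = parse_url($url);
    if (!is_array($p) || !isset($p['scheme'], $p['host'])) {
        return false;
    }
    $scheme = strtolower($p['scheme']);
    // Default web ports only, so ports such as 21 or 22 cannot be probed.
    $port = $p['port'] ?? ($scheme === 'https' ? 443 : 80);
    if (!in_array($scheme, ['http', 'https'], true) || !in_array($port, [80, 443], true)) {
        return false;
    }
    $ips = gethostbynamel($p['host']);
    if (!is_array($ips) || $ips === []) {
        return false;
    }
    // Reject loopback, private, link-local and reserved addresses.
    $flags = FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    foreach ($ips as $ip) {
        if (filter_var($ip, FILTER_VALIDATE_IP, $flags) === false) {
            return false;
        }
    }
    return true;
}

/** Fetch $url; every failure returns the same message to the caller. */
function fetch_remote(string $url): array
{
    $generic = ['ok' => false, 'error' => 'Remote fetch failed'];
    if (!is_fetch_allowed($url)) {
        return $generic;
    }
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => false, // a redirect could point back inside
        CURLOPT_TIMEOUT        => 5,
    ]);
    $body = curl_exec($ch);
    if ($body === false) {
        error_log('fetch_remote: ' . curl_error($ch)); // detail stays in the server log
        return $generic;
    }
    return ['ok' => true, 'body' => $body];
}
```

The check and the fetch resolve the hostname separately; pinning the validated address with `CURLOPT_RESOLVE` closes that gap.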


Disclosure Timeline


Vendor Contacted : 2013-12-17

Plugin Status : Closed
Public Disclosure : May 28, 2014
CVE Number : Not assigned yet

Plugin Description :
**Provide your visitors a Flash equivalent of your website / Convert your WordPress blog into a Flash application.**

> Turn any WordPress blog into a full Flash site, keep an HTML version, take advantage of [Silex](http://silex-ria.org/) to customize the provided Flash templates

The original WordPress site remains visible to those who do not have the Flash plugin or wish to see the HTML version. For mobile phones, another WordPress theme is displayed automatically (iphone, windows mobile). Finally, for optimal SEO, search engines will see an optimized HTML version of the site.

Since the Flash version has deep linking, the permalinks are valid, they are shared by the HTML and the Flash versions. The selection of the Flash theme is made in the WordPress settings page, and the themes are editable with [Silex WYSIWYG](http://silex-ria.org/ "Silex WYSIWYG"), without programming skills and **without Flash license**.

* **search engines** or **portable phones** will see the appropriate HTML theme
* keeps the **posts and comments** unchanged. Keeps comments related functionalities.
* keeps **the structure of your blog**: posts, categories, tags, pages, archives, start page...
* use both WP URL rewrite and **deep linking**
* choose one of the **provided Flash templates** - **all free and open source** from the admin panel
* create your own dynamic Flash templates with *Silex WYSIWYG*
* compatible with **WordPress Mu**

Look at [the screenshots of the prototypes](http://wordpress.org/extend/plugins/flog/screenshots/ "screenshots")

__Latest stable version: v1.0beta2 - Work is in progress__


* [Demo, Work in progress can be seen here](http://projects.silexlabs.com/wpplugintest/ "Work in progress can be seen here")
* [source code](http://plugins.svn.wordpress.org/flog/trunk/ "source code")
* [flog for WordPress download](http://wordpress.org/extend/plugins/flog/ "flog for WordPress download")
* [flog project page (several CMS, galleries, etc)](http://flog.sourceforge.net/ "flog project page (all CMS)")

**compatibility with other plugins**
* MobilePress: YES
* private blog: NO

**compatibility with WordPress versions**
* 2.8.1
* 2.8.4


flog is SEO friendly and makes use of [Silex the #1 opensource Flash CMS](http://silex-ria.org/ "Silex project website"), to build dynamic Flash templates without the Flash IDE. These templates can display your blog data, the posts, pages and comments. And you will be able to modify the appearance in [Silex WYSIWYG](http://www.youtube.com/watch?v=rzFqfuiLQ4k&hl=fr "Silex WYSIWYG video demo").

[Sha](http://silex-ria.org/sha "Sha cv") has already done [a website with Silex driven by WordPress](http://flashcms.fr/ "flashcms, a Silex-WP site (in French)"). And [here is a video of another test I did](http://www.screentoaster.com/watch/stUkxdQ0VLR15cR19dU1le "Silex Wordpress video"). These prototypes are not SEO friendly and a classical WordPress blog could not be converted easily.

Now I want flog to let Silex themes be Flash equivalents of WordPress themes.
