wp-plugin : proquoter – A3-Cross-Site Scripting (XSS)


Plugin Details


Plugin Name : proquoter


Effected Version : 1.0 (and most probably lower version's if any)

Vulnerability : A3-Cross-Site Scripting (XSS)
Identified by : Prajal Kulkarni



Technical Details


Minimum Level of Access Required : Unauthenticated


PoC - (Proof of Concept) :




Disclosure Timeline


Vendor Contacted : 2014-01-22

Plugin Status : Closed on 2014-01-11
Public Disclosure : April 25, 2014
CVE Number : CVE-2014-4545

Plugin Description :
ProQuoter allows you to easily create beautiful pull-quote images for your articles. Pull-quotes have an amazing ability to draw the reader's attention. They can turn a dull piece of text into an incredible visually stimulating article. If you don't have any exciting images to spice up your article then they can be even more important. Now it's easy to create incredibly beautiful pull quotes in your blog entry.

Just highlight the text you want to use and click one of the ProQuoter toolbar buttons and you will be able to select from 1000s of styles for your pull-quote. It only takes a few seconds to add beautiful quote images to your blog post and increase your traffic from Pinterest.

Images are genereated and hosted by our website http://quotes.prowritingaid.com but you are free to download them and host them yourself if you so wish. On our website you will find over 100,000 pre-made, beautiful quote images to choose from including: funny quotes, inspirational quotes, motivational quotes, love quotes and more.

Leave a Reply

Your email address will not be published. Required fields are marked *