wp-plugin : video-comments-webcam-recorder

Plugin Details
Plugin Name: wp-plugin : video-comments-webcam-recorder
Affected Version : 1.55 (and most probably lower versions, if any)
Vulnerability : Cross-Site Scripting (XSS)
Identified by : anantshri
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC - (Proof of Concept) :

http://localhost/wp-content/plugins/video-comments-webcam-recorder/comments/videowhisper2/r_logout.php?message=

Vulnerable Parameter : message
Trac Log : https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=839986%40video-comments-webcam-recorder&old=686438%40video-comments-webcam-recorder
Note : The plugin was updated in place (the fix did not change the version number), so anyone who downloaded this version between its release and the date the fix was applied has a vulnerable copy; any download made after the fix date is patched. Checking the version string alone is therefore not enough to tell whether an installation is affected.
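Because the version number does not distinguish a vulnerable copy of 1.55 from a patched one, the practical check is to send the PoC request and see whether the `message` value comes back unescaped. The following Python helper is an added example, not code from the advisory or from the plugin: it builds the PoC URL from the path above, and classifies a response body as echoing the parameter raw (vulnerable), HTML-entity-encoded (patched), with tags stripped, or not at all. The marker string, the `check_live` helper and the two sample response bodies are constructed for illustration; only the path and parameter name come from the advisory.

```python
import html
import urllib.parse
import urllib.request

# Hypothetical probe: a unique marker inside a harmless tag, so the reflected
# copy can be told apart from other page text. The exact tag does not matter;
# the check is about output encoding, not about a specific payload.
MARKER = "xsscheck7f3a"
PROBE = f"<b>{MARKER}</b>"

# Path taken from the advisory's PoC URL; the base URL is supplied by the caller.
VULN_PATH = ("/wp-content/plugins/video-comments-webcam-recorder"
             "/comments/videowhisper2/r_logout.php")


def build_poc_url(base_url: str, probe: str = PROBE) -> str:
    """Return the PoC URL with the probe URL-encoded into the `message` parameter."""
    query = urllib.parse.urlencode({"message": probe})
    return f"{base_url.rstrip('/')}{VULN_PATH}?{query}"


def classify_reflection(body: str, probe: str = PROBE, marker: str = MARKER) -> str:
    """Classify how a response body reflects the probe.

    'unescaped' : the probe appears verbatim with its angle brackets, i.e. the
                  parameter is echoed into HTML without output encoding
    'escaped'   : only an entity-encoded copy appears (e.g. &lt;b&gt;...&lt;/b&gt;)
    'stripped'  : the marker text is present but the tag was removed
    'absent'    : the marker is not reflected at all
    """
    if probe in body:
        return "unescaped"
    if html.escape(probe) in body:
        return "escaped"
    if marker in body:
        return "stripped"
    return "absent"


def check_live(base_url: str, timeout: float = 10.0) -> str:
    """Fetch the PoC URL from a real host and classify the reflection.

    Hypothetical helper: it performs a network request and is not exercised
    by the offline samples below. Only run it against hosts you are
    authorised to test.
    """
    req = urllib.request.Request(build_poc_url(base_url),
                                 headers={"User-Agent": "xss-reflection-check"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        body = resp.read().decode("utf-8", errors="replace")
    return classify_reflection(body)


# Constructed sample responses (not captured from the real plugin) showing the
# two behaviours the advisory contrasts: raw echo before the fix, entity
# encoding after it.
SAMPLE_VULNERABLE = (
    "<html><body><div class='message'>"
    f"Logged out. {PROBE}"
    "</div></body></html>"
)
SAMPLE_PATCHED = (
    "<html><body><div class='message'>"
    f"Logged out. {html.escape(PROBE)}"
    "</div></body></html>"
)


if __name__ == "__main__":
    print("PoC URL:", build_poc_url("http://localhost/"))
    print("pre-fix body :", classify_reflection(SAMPLE_VULNERABLE))
    print("post-fix body:", classify_reflection(SAMPLE_PATCHED))
```

The classifier deliberately treats only a verbatim copy of the probe as vulnerable: an entity-encoded copy means the parameter still reaches the page but cannot break out of its text context, which is the behaviour the fix in the Trac changeset should produce.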


Disclosure Timeline
Vendor Contacted : 2014-01-15
Plugin Status : Updated on 2014-01-16
Public Disclosure : 2014-06-12
CVE Number : CVE-2014-4567
Plugin Description :
The Video Comments Webcam Recorder allows WordPress users to record video comments as responses to posts or to other comments. If the user is not logged into WordPress, he cannot access this feature. Supports playback with the JwPlayer plugin. Special requirements: this plugin has requirements beyond regular WordPress hosting specifications: an RTMP host is needed for persistent connections to manage live interactions and streaming (Wowza recommended). More details about this, including solutions, are provided on the Installation section pages.