Easy Contact 0.1.2 WordPress Plugin Cross Site Scripting



EKU-ID: 287 CVE: OSVDB-ID:
Author: Websecurity Published: 2011-05-23 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


Hello list!

I want to warn you about Insufficient Anti-automation, Abuse of
Functionality and Cross-Site Scripting vulnerabilities in plugin Easy
Contact for WordPress.

-------------------------
Affected products:
-------------------------

Vulnerable are Easy Contact 0.1.2 and previous versions.

----------
Details:
----------

Insufficient Anti-automation (WASC-21):

Lack of captcha at contact page allows to send automated messages
(particularly spam) to admin of the site. Captcha is turned off by default
and the type of text captcha Challenge Question is not reliable, because
the value is fixed.

Abuse of Functionality (WASC-42):

At contact page it's possible to send spam via function Carbon Copy (Email
yourself a copy). Which is turned on by default and leads to that it's
possible to send spam via the site as to admin, as to arbitrary emails.

And with using of Insufficient Anti-automation vulnerability it's possible
to send automatically spam from the site on a large scale.

Exploit:

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20Abuse%20of%20Functionality.html

XSS (WASC-08):

Exploits:

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS.html

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS-2.html

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS-3.html

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS-4.html

------------
Timeline:
------------

2011.04.01 - announced at my site.
2011.04.03 - informed developers.
2011.05.20 - disclosed at my site.

I mentioned about these vulnerabilities at my site
(http://websecurity.com.ua/5055/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua