Opened 5 years ago

Closed 5 years ago

#1646 closed defect (duplicate)

Reflective/Stored XSS in Responsive Logo Slideshow Plugin

Reported by: adityabalapure Owned by:
Priority: normal Severity: major
Plugin: not-listed Keywords: Responsive Logo Slideshow Plugin, Aditya Balapure, Reflected XSS
Cc:

Description

The Responsive Logo Slideshow Plugin in WordPress (http://wordpress.org/extend/plugins/responsive-logo-slideshow/) has a Reflected/Stored XSS vulnerability in the URL and Image input boxes.

Attached are the screenshots for POC.

If a malicious user is able to inject a script, it may affect each and every viewer who visits the website. Once a malicious user compromises the login credentials, he may use these input fields to store malicious scripts and thus carry on a passive attack.

Script used:

';alert(String.fromCharCode(88,83,83))';alert(String.fromCharCode(88,83,83))";
alert(String.fromCharCode(88,83,83))";alert(String.fromCharCode(88,83,83))--

</SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
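The report describes the classic stored-XSS shape: an admin-entered URL or image path is saved unsanitized and later echoed into an HTML attribute, where a quote and `>` close the attribute and the tag. The following is an added example written for this ticket, not code from the Responsive Logo Slideshow plugin; the option name, field names and `rls_demo_` functions are assumptions. It shows the vulnerable pattern beside the hardened one using WordPress's own sanitization and escaping functions.

```php
<?php
// Added example (not the plugin's own code). Option and field names are assumed.

// Vulnerable pattern: raw POST values are saved, then echoed unescaped into
// attributes. A value such as "><SCRIPT>...</SCRIPT> breaks out of the attribute.
function rls_demo_save_unsafe() {
    update_option( 'rls_demo_slide', array(
        'url'   => $_POST['rls_url'],   // no capability/nonce check, no sanitization
        'image' => $_POST['rls_image'],
    ) );
}
function rls_demo_render_unsafe() {
    $s = get_option( 'rls_demo_slide' );
    echo '<a href="' . $s['url'] . '"><img src="' . $s['image'] . '"></a>';
}

// Hardened pattern: authorize the request, sanitize on input, escape on output.
function rls_demo_sanitize( $input ) {
    // esc_url_raw() keeps only allowed schemes (no javascript:) for storage.
    return array(
        'url'   => esc_url_raw( isset( $input['url'] ) ? $input['url'] : '' ),
        'image' => esc_url_raw( isset( $input['image'] ) ? $input['image'] : '' ),
    );
}
add_action( 'admin_init', function () {
    // Settings API runs the sanitize callback before the option is written.
    register_setting( 'rls_demo_group', 'rls_demo_slide', array(
        'sanitize_callback' => 'rls_demo_sanitize',
    ) );
} );
function rls_demo_save_safe() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions' );
    }
    check_admin_referer( 'rls_demo_save' ); // CSRF protection via nonce
    update_option( 'rls_demo_slide', rls_demo_sanitize( array(
        'url'   => isset( $_POST['rls_url'] ) ? wp_unslash( $_POST['rls_url'] ) : '',
        'image' => isset( $_POST['rls_image'] ) ? wp_unslash( $_POST['rls_image'] ) : '',
    ) ) );
}
function rls_demo_render_safe() {
    $s = get_option( 'rls_demo_slide', array( 'url' => '', 'image' => '' ) );
    // esc_url() encodes quotes and angle brackets, so stored data cannot close
    // the attribute even if the sanitize step was bypassed elsewhere.
    printf(
        '<a href="%s"><img src="%s" alt=""></a>',
        esc_url( $s['url'] ),
        esc_url( $s['image'] )
    );
}
```

Escaping at output time is the control that actually neutralizes the payload quoted in this ticket; input sanitization alone is not sufficient because stored data can arrive through other paths.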

Attachments (2)

Screenshot.png (152.9 KB) - added by adityabalapure 5 years ago.
Untitled.png (507.6 KB) - added by adityabalapure 5 years ago.


Change History (5)

@adityabalapure 5 years ago

@adityabalapure 5 years ago

comment:1 @adityabalapure 5 years ago

  • Resolution set to duplicate
  • Status changed from new to closed

comment:2 @adityabalapure 5 years ago

  • Resolution duplicate deleted
  • Status changed from closed to reopened

comment:3 @adityabalapure 5 years ago

  • Resolution set to duplicate
  • Status changed from reopened to closed