WordPress Plugin Download Manager Free & Pro 2.5.8 – Persistent Cross-Site Scripting

• Exploit Database
• 15 阅读

• 作者： Jeroen - IT Nerdbox
  日期： 2013-12-08
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/30105/

• # Exploit Title: WordPress Plugin: WordPress Download Manager Free & Pro
  Persistent Cross Site Scripting 
  
  # Google Dork:
  
  # Date: 12-06-2013
  
  # Exploit Author: IT Nerdbox
  
  # Vendor Homepage: http://www.wpdownloadmanager.com # Software Link:
  http://downloads.wordpress.org/plugin/download-manager.zip
  
  # Version: v3.3.8
  
  # Tested on: WordPress 3.7.1 on Linux CentOS # CVE : N/A
  
   
  
   
  
   
  
  When creating a new download package you need to enter a title, description
  and the file(s) that you want to be available for download. The title input
  field is not sanitized and therefor vulnerable to persistent cross site
  scripting. The payload used is <input onmouseover=prompt(document.cookie)>
  
   
  
   
  
  More information, including screenshots, can be found at:
  
  http://www.nerdbox.it/wordpress-download-manager-xss/