Re: [FD] Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin
- To: Summer of Pwnage <lists@xxxxxxxxxxx>
- Subject: Re: [FD] Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin
- From: "Larry W. Cashdollar" <larry0@xxxxxx>
- Date: Sat, 19 Nov 2016 09:13:31 -0500
Hello All,
These are really great advisories, my only wish is that they were copied to the
security lists in their entirety. This way we aren't relying on a single point
of failure (your website) when looking for the data in the future.
Thanks!
Larry
> On Nov 19, 2016, at 5:48 AM, Summer of Pwnage <lists@xxxxxxxxxxx> wrote:
>
> ------------------------------------------------------------------------
> Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin
> ------------------------------------------------------------------------
> Yorick Koster, July 2016
>
> ------------------------------------------------------------------------
> Abstract
> ------------------------------------------------------------------------
> A Cross-Site Scripting vulnerability was found in the WP Canvas -
> Shortcodes WordPress Plugin. This issue allows an attacker to perform a
> wide variety of actions, such as stealing Administrators' session
> tokens, or performing arbitrary actions on their behalf. This issue can
> be exploited by authenticated users with the Contributor or higher role.
>
> ------------------------------------------------------------------------
> OVE ID
> ------------------------------------------------------------------------
> OVE-20160724-0031
>
> ------------------------------------------------------------------------
> Tested versions
> ------------------------------------------------------------------------
> This issue was successfully tested on WP Canvas - Shortcodes WordPress
> Plugin version 1.92.
>
> ------------------------------------------------------------------------
> Fix
> ------------------------------------------------------------------------
> This issue has been addressed in WP Canvas - Shortcodes WordPress Plugin
> version 2.07.
>
> ------------------------------------------------------------------------
> Details
> ------------------------------------------------------------------------
> https://sumofpwn.nl/advisory/2016/stored_cross_site_scripting_in_wp_canvas___shortcodes_wordpress_plugin.html
>
> ------------------------------------------------------------------------
> Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its
> goal is to contribute to the security of popular, widely used OSS
> projects in a fun and educational way.
>
> _______________________________________________
> Sent through the Full Disclosure mailing list
> https://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/
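The advisory above explains that the stored XSS is reachable by Contributor-role users through a shortcode, but the linked details are not part of this thread. As an added illustration (not code from the WP Canvas - Shortcodes plugin or from the advisory), the following is a hypothetical shortcode handler `[sop_box]` written the way a defender would want it: every attribute and the nested content are treated as untrusted and escaped for the context they land in. The shortcode name, attribute names and the colour allow-list are assumptions for the example.

```php
<?php
// Added example, not the plugin's own code. Hypothetical shortcode [sop_box].
//
// Why shortcodes need their own escaping: WordPress runs wp_kses_post() over
// the post *content* of users lacking the unfiltered_html capability
// (Contributors, Authors), so a Contributor cannot save a <script> tag in the
// post body. Shortcode *output*, however, is built by the plugin at render
// time from the attribute values the Contributor typed, and that output is
// shown to whoever views or previews the post, Administrators included.
// If the handler echoes an attribute unescaped, the kses filter on the post
// body is bypassed and the result is stored XSS.

function sop_box_shortcode( $atts, $content = null ) {
    // Normalise attributes: unknown keys are dropped, missing keys get defaults.
    $atts = shortcode_atts(
        array(
            'title' => '',
            'color' => 'blue',
        ),
        $atts,
        'sop_box'
    );

    // Enumerated values: compare against an allow-list rather than echoing them.
    $allowed_colors = array( 'blue', 'red', 'green' ); // assumed palette
    $color = in_array( $atts['color'], $allowed_colors, true )
        ? $atts['color']
        : 'blue';

    // Escape per output context:
    //   esc_attr()     for values placed inside an HTML attribute,
    //   esc_html()     for values placed as text between tags,
    //   wp_kses_post() for nested content that may legitimately carry markup,
    //                  so the same rules that govern the post body apply here.
    // do_shortcode() first so nested shortcodes expand, then kses filters the
    // combined markup; nested handlers are still expected to escape their own output.
    return sprintf(
        '<div class="sop-box sop-box-%s"><h3>%s</h3><div class="sop-box-body">%s</div></div>',
        esc_attr( $color ),
        esc_html( $atts['title'] ),
        wp_kses_post( do_shortcode( (string) $content ) )
    );
}
add_shortcode( 'sop_box', 'sop_box_shortcode' );
```

When reviewing a shortcode plugin for this class of issue, the check is mechanical: for every value taken from `$atts` or `$content`, find the line where it reaches the returned HTML and confirm it passes through an escaping function matching that position (attribute, text, URL, or kses-filtered block). A value that is concatenated straight into the return string is the finding.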