Home / exploits WordPress Captain Slider 1.0.6 Cross Site Scripting
Posted on 29 August 2015
--e89a8ff1ccaefae749051e667db5 Content-Type: text/plain; charset=UTF-8 <!-- # Exploit Title: Wordpress Captain Slider Stored XSS # Date: 2015/8/29 # Exploit Author: Arash Khazaei . # Vendor Homepage: https://wordpress.org/plugins/captain-slider/ # Software Link: https://downloads.wordpress.org/plugin/captain-slider.zip # Version: 1.0.6 # Tested on: Kali , Iceweasel Browser # CVE : N/A # Contact : http://twitter.com/0xClay # Email : 0xclay@gmail.com # Site : http://bhunter.ir # Intrduction : # Wordpress Captain Slider Plugin Have 3000+ Active Install # And Suffer From A Stored XSS Vulnerability In Title And Caption Section . # Authors , Editors And Of Course Administrators This Vulnerability To Harm WebSite . # Exploit : # To Exploit This Vulnerability Go To Manage Silder Section And Add Slider In Title And Caption add Your Js Code . # After Adding New Slider Go To Sorter Section Then You Can See Js Codes Executed . Vulnerable Code : --> <th class="column-order"><?php _e('Order', 'ctslider'); ?></th> <th class="column-thumbnail"><?php _e('Slide Image', 'ctslider'); ?></th> <th class="column-title"><?php _e('Title', 'ctslider'); ?></th> <!-- Discovered By Arash Khazaei (Aka JunkyBoy) --> --e89a8ff1ccaefae749051e667db5 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><!--<br># Exploit Title: Wordpress Captain Slider Store= d XSS<br># Date: 2015/8/29<br># Exploit Author: Arash Khazaei .<br># Vendor= Homepage: <a href=3D"https://wordpress.org/plugins/captain-slider/">https:= //wordpress.org/plugins/captain-slider/</a><br># Software Link: <a href=3D"= https://downloads.wordpress.org/plugin/captain-slider.zip">https://download= s.wordpress.org/plugin/captain-slider.zip</a><br># Version: 1.0.6<br># Test= ed on: Kali , Iceweasel Browser<br># CVE : N/A<br># Contact : <a href=3D"ht= tp://twitter.com/0xClay">http://twitter.com/0xClay</a><br># Email : <a href= =3D"mailto:0xclay@gmail.com">0xclay@gmail.com</a><br># Site : <a href=3D"ht= tp://bhunter.ir">http://bhunter.ir</a><br><br># Intrduction : <br><br># Wor= dpress Captain Slider Plugin Have 3000+ Active Install <br># And Suffer Fro= m A Stored XSS Vulnerability In Title And Caption Section .<br># Authors , = Editors And Of Course Administrators This Vulnerability To Harm WebSite .<b= r><br># Exploit : <br><br># To Exploit This Vulnerability Go To Manage Sild= er Section And Add Slider In Title And Caption add Your Js Code .<br># Afte= r Adding New Slider Go To Sorter Section Then You Can See Js Codes Executed= . <br><br><br>Vulnerable Code :<br>--><br>=C2=A0=C2=A0=C2=A0 =C2=A0=C2= =A0=C2=A0 <th class=3D"column-order"><?php _e('Order= ', 'ctslider'); ?></th><br>=C2=A0=C2=A0=C2=A0 =C2=A0= =C2=A0=C2=A0 <th class=3D"column-thumbnail"><?php _e(= 9;Slide Image', 'ctslider'); ?></th><br>=C2=A0=C2=A0= =C2=A0 =C2=A0=C2=A0=C2=A0 <th class=3D"column-title"><?p= hp _e('Title', 'ctslider'); ?></th><br>=C2=A0=C2= =A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 <br><br><br><br><br><!--= Discovered By Arash Khazaei (Aka JunkyBoy) --><br></div> --e89a8ff1ccaefae749051e667db5--
