Bugtraq: Admin Custom Login WordPress plugin affected by persistent Cross-Site Scripting via Logo URL field

————————————————————————

Admin Custom Login WordPress plugin affected by persistent Cross-Site Scripting via Logo URL field

————————————————————————

Burak Kelebek, July 2016

————————————————————————

Abstract

————————————————————————

A persistent (stored) Cross-Site Scripting vulnerability was found in the Admin Custom Login WordPress plugin. The "logo_url" setting is neither validated on input (a value containing a <script> tag is accepted and stored) nor output-encoded when it is rendered, so whatever is stored in it is emitted into the page verbatim. An attacker who can set this value can run script in the browser of any user who loads the affected page, including Administrators, and can therefore steal their session tokens or perform arbitrary actions on their behalf.
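To make the two missing controls concrete, the following is an added example written for this page; it is not the plugin's code, and the option name, function names and the attacker value are assumptions. It models a "logo URL" setting that an admin form stores and a login page later prints into an <img src="..."> attribute, first the way the advisory describes (no input validation, no output encoding) and then with both controls in place. Plain PHP is used so the snippet runs outside WordPress; the WordPress equivalents are noted in the comments.

```php
<?php
// Added example (not the Admin Custom Login plugin's code). Names, the
// option layout and the input below are hypothetical.

// Constructed attacker value: closes the src attribute and injects script.
const ATTACKER_INPUT = '"><script>alert(1)</script>';
// Constructed benign value.
const GOOD_INPUT = 'https://example.com/logo.png';

// Vulnerable path: the stored value is echoed into an attribute context
// with no validation and no encoding, so the quote and angle brackets in
// the input break out of the attribute and the <script> tag is rendered.
function render_logo_vulnerable(string $logo_url): string
{
    return '<img src="' . $logo_url . '" alt="logo">';
}

// Input validation, to be applied when the setting is saved
// (WordPress equivalent: esc_url_raw() in the option's sanitize callback).
// Returns null for anything that is not an absolute http(s) URL.
function sanitize_logo_url(string $input): ?string
{
    $input = trim($input);
    if (filter_var($input, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    // filter_var alone does not pin the scheme; reject javascript:, data:, etc.
    $scheme = strtolower((string) parse_url($input, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;
    }
    return $input;
}

// Output encoding for an HTML attribute context, applied at render time
// regardless of what validation did earlier (WordPress equivalent:
// esc_url() for the src attribute, esc_attr() for other attributes).
function render_logo_hardened(?string $logo_url): string
{
    if ($logo_url === null || $logo_url === '') {
        return '';
    }
    $safe = htmlspecialchars($logo_url, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<img src="' . $safe . '" alt="logo">';
}

// Demonstration: what each path emits for the constructed inputs.
foreach ([GOOD_INPUT, ATTACKER_INPUT] as $value) {
    echo "input:      $value\n";
    echo "vulnerable: " . render_logo_vulnerable($value) . "\n";
    $stored = sanitize_logo_url($value);          // null => rejected on save
    echo "validated:  " . var_export($stored, true) . "\n";
    // Encoding is shown on the raw value too, to make the point that even a
    // value that bypassed validation can no longer terminate the attribute.
    echo "hardened:   " . render_logo_hardened($value) . "\n\n";
}
```

The two controls are deliberately independent: validation rejects the stored value (and non-http(s) schemes such as javascript:, which attribute encoding alone would not neutralise), while encoding guarantees that a value reaching the template cannot terminate the attribute it is placed in. Fixing only one of them is what typically leaves this class of bug exploitable through a second entry point.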

————————————————————————

OVE ID

————————————————————————

OVE-20160712-0002

————————————————————————

Tested versions

————————————————————————

This issue was successfully tested on the Admin Custom Login WordPress plugin version 2.4.5.2.

————————————————————————

Fix

————————————————————————

There is currently no fix available.

————————————————————————

Details

————————————————————————

https://sumofpwn.nl/advisory/2016/admin_custom_login_wordpress_plugin_affected_by_persistent_cross_site_scripting_via_logo_url_field.html

————————————————————————

Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its goal is to contribute to the security of popular, widely used OSS projects in a fun and educational way.

Source: SecurityFocus Vulnerabilities @ March 1, 2017 at 01:02AM