garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated WordPress 3.5 Issues (markdown)

ethicalhack3r
2013-01-27 07:10:11 -08:00
parent 0f72e2a78b
commit e3bc479b19
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
WordPress-3.5-Issues.md

@@ -26,7 +26,9 @@ Proof of Concept: ```[embed]javascript:alert(document.cookie)[/embed]```
## Issue 3 ## Issue 3
This issue was successfully investigated by [@erwan_lr](https://twitter.com/@erwan_lr), a WPScan Team member. "[Plupload] Allows you to upload files using HTML5 Gears, Silverlight, Flash, BrowserPlus or normal forms, providing some unique features such as upload progress, image resizing and chunked uploads." [2] This issue was successfully investigated by [@erwan_lr](https://twitter.com/@erwan_lr), a WPScan Team member. "[Plupload] Allows you to upload files using HTML5 Gears, Silverlight, Flash, BrowserPlus or normal forms, providing some unique features such as upload progress, image resizing and chunked uploads." [2]
The vulnerable file is included in WordPress versions 3.5, 3.4.2, 3.4.1, 3.4, 3.3.3 and 3.3.2.
Proof of Concept: ```wp-includes/js/plupload/plupload.flash.swf?id=\"));}catch(e){alert(1);}//``` Proof of Concept: ```wp-includes/js/plupload/plupload.flash.swf?id=\"));}catch(e){alert(1);}//```