Vulnerabilities in Easy Contact for WordPress

["MustLive" <mustlive () websecurity com ua>]

Hello list!

I want to warn you about Insufficient Anti-automation, Abuse of
Functionality and Cross-Site Scripting vulnerabilities in plugin Easy
Contact for WordPress.

-------------------------
Affected products:
-------------------------

Vulnerable are Easy Contact 0.1.2 and previous versions.

----------
Details:
----------

Insufficient Anti-automation (WASC-21):

Lack of captcha at contact page allows to send automated messages
(particularly spam) to admin of the site. Captcha is turned off by default
and the type of text captcha Challenge Question is not reliable, because
the value is fixed.

Abuse of Functionality (WASC-42):

At contact page it's possible to send spam via function Carbon Copy (Email
yourself a copy). Which is turned on by default and leads to that it's
possible to send spam via the site as to admin, as to arbitrary emails.

And with using of Insufficient Anti-automation vulnerability it's possible
to send automatically spam from the site on a large scale.

Exploit:

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20Abuse%20of%20Functionality.html

XSS (WASC-08):

Exploits:

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS.html

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS-2.html

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS-3.html

http://websecurity.com.ua/uploads/2011/Easy%20Contact%20XSS-4.html

------------
Timeline:
------------

2011.04.01 - announced at my site.
2011.04.03 - informed developers.
2011.05.20 - disclosed at my site.

I mentioned about these vulnerabilities at my site
(http://websecurity.com.ua/5055/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/