oss-sec mailing list archives
Re: CVE request: WordPress plugin category-grid-view-gallery XSS
From: Henri Salo <henri () nerv fi>
Date: Thu, 11 Jul 2013 21:05:19 +0300
On Thu, Jul 11, 2013 at 11:59:13AM -0600, Kurt Seifried wrote:
> On 07/10/2013 08:12 PM, Henri Salo wrote:
>> Can I get 2013 CVE identifier for XSS vulnerability in WordPress plugin
>> category-grid-view-gallery, thanks.
>>
>> Plugin page: http://wordpress.org/plugins/category-grid-view-gallery/
>> Original advisory: http://seclists.org/bugtraq/2013/Jul/17
>> Version affected: 2.3.1 (older probably affected too)
>> PoC: https://example.com/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=44%22%3E%3Cimg%20src=%22http://%22%20onerror=alert%28document.cookie%29;%3E
>>
>> Not yet fixed as author did not contact vendor. Top 1277 plugin by popularity.
>> WordPress guys could you coordinate this with plugin developer, thanks?
>>
>> ---
>> Henri Salo
>
> Can you confirm the vulnerability? I don't see any follow up emails/etc. Thanks.

This is the confirmation. I manually tested this in 2.3.1 version.

---
Henri Salo