WordPress SS Downloads Multiple Cross Site Scripting Vulnerability

Published: 2014-01-28 07:37:10

CVSS Base Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Summary:
This host is installed with WordPress SS Downloads Plugin and is prone to multiple cross site scripting vulnerability.

Detection Method:
Send a crafted data via HTTP GET request and check whether it is able to read cookie or not.

Technical Details:
Input passed via the 'file', 'title', and 'postid' parameters to emailandname form.php, emailform.php, emailsent.php, register.php, and download.php scripts and 'emails_and_names' and 'ssdshortcode' parameters to ss-downloads.php and 'file' parameter to services/getfile.php script are not properly sanitized before being returned to the user.

Impact:
Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

Affected Versions:
Wordpress SS Downloads Plugin version 1.4.4.1, Other versions may also be affected.

Recommendations:
Upgrade Wordpress SS Downloads to version 1.5 or later.

Solution Type:
Vendor Patch

Detection Type:
Remote Vulnerability

SecurityFocus Bugtraq ID:

https://www.securityfocus.com/bid/65141

References:

http://secunia.com/advisories/56532
http://packetstormsecurity.com/files/124958
https://plugins.trac.wordpress.org/changeset/842702
http://exploitsdownload.com/exploit/na/wordpress-ss-downloads-cross-site-scripting
http://wordpress.org/plugins/ss-downloads

Search
Severity
Medium
CVSS Score
4.3

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.