OSVDB ID: 86781

Title: Slideshow Plugin for WordPress views/SlideshowPlugin/slideshow.php Multiple Parameter XSS

Info

Disclosure

Oct 17, 2012

Discovery

Unknown

Dates

Exploit

Oct 17, 2012

Solution

Unknown

Description

Slideshow Plugin for WordPress contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'randomId', 'slides', and 'settings' parameters upon submission to the views/SlideshowPlugin/slideshow.php script. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public
Disclosure: Third-party Verified
OSVDB: Web Related

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, a patch has been committed to the SVN repository that addresses this vulnerability. Until it is incorporated into the next release of the software, manually patching an existing installation is the only known available solution. Check the vendor advisory or solution URL in the references section.

Products

Stefan Boonstra

Slideshow Plugin for WordPress

2.1.14

References

Secunia Advisory ID: 51135
ISS X-Force ID: 79448 79711
Related OSVDB ID: 86782
Vendor Specific News/Changelog Entry: http://plugins.trac.wordpress.org/browser/slideshow-jquery-image-gallery/trunk
Vendor Specific Solution URL: http://plugins.trac.wordpress.org/browser/slideshow-jquery-image-gallery/trunk/views/SlideshowPlugin/slideshow.php
Vendor URL: http://wordpress.org/extend/plugins/slideshow-jquery-image-gallery/ [ Link is 404 ]
Other Advisory URL: http://www.waraxe.us/content-92.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/86781