Wordpress Multiple Third Party Plugins Multiple Vulnerabilities


Description   (#Several vulnerabilities have been identified in third party plugins for WordPress:#- Akismet: cross-site scripting in the comments due to bad sanitization by the "wp_rel_nofollow" function which does not match line break characters#- Events Made Easy: cross-site scripting and cross-site request forgery in several pages#- Ajax Load More: arbitrary file upload#- Calls to Action: cross-site scripting#- Gwolle Guestbook: remote file inclusion##An exploitation code is available for the Ajax Load More plugin in the Metasploit framework.##Proofs of concept are available.)
     
Vulnerable Products   Vulnerable Software:
WordPress (WordPress) - 1.5, 1.5.1.1, 2.0, 2.0.1, 2.0.3, ..., 4.2.1, 4.2.2, 4.2.3, 4.3, 4.3.1
     
Solution   - Gwolle Guestbook: 1.5.4
     
CVE  
     
References   - Wpvulndb : Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8215
- Sucuri : Security Advisory: Stored XSS in Akismet WordPress Plugin
https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html
- DavidSopas : Events Made Easy WordPress plugin CSRF + Persistent XSS
https://www.davidsopas.com/events-made-easy-wordpress-plugin-csrf-persistent-xss/
- Exploit-DB : WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability
https://www.exploit-db.com/exploits/38484/
- Wpvulndb : WordPress Calls to Action <= 2.4.3 - Reflected Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8219
- Wpvulndb : Gwolle Guestbook <= 1.5.3 - Remote File Inclusion (RFI)
https://wpvulndb.com/vulnerabilities/8218
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
XSS - Prevention - GET : suspicious 'iframe' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'meta' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious tag with event found in URL
3.2.0
XSS - Prevention - POST : suspicious 'meta' tag found in data
3.2.0
XSS - Prevention - GET : suspicious 'applet' tag found in URL
3.2.0
XSS - Phishing : suspicious 'div' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'style' attribute found in URL
3.2.0
XSS - Prevention - GET : suspicious 'img' tag found in URL
3.2.0
XSS - Prevention - POST : suspicious 'img' attribute found in data
3.2.0
XSS - Phishing : suspicious 'a' tag found in URL
3.2.0
XSS - Prevention - GET : cookie access attempt using script language found in URL
3.2.0
XSS - Prevention - GET : suspicious 'embed' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'object' tag found in URL
3.2.0
XSS - Phishing : suspicious 'form' tag found in URL
3.2.0
XSS - Prevention - GET : javascript code found in URL
3.2.0
XSS - Prevention - GET : evasion attempt using tag characters encoding in URL
3.2.0
XSS - Prevention - GET : suspicious 'style' tag found in URL
3.2.0
XSS - Phishing : suspicious 'link' tag found in URL
3.2.0
XSS - Prevention - GET : 'script' tag found in URL
3.2.0
XSS - Prevention - GET : 'location' javascript object found in URL
3.2.0
XSS - Prevention - GET : suspicious 'div' tag found in URL
3.2.0
XSS - Prevention - POST : suspicious 'style' tag found in data
5.0.0
XSS - Prevention - POST : javascript code found in data
5.0.0
XSS - Prevention - POST : suspicious tag with event found in data
5.0.0
XSS - Prevention - POST : suspicious 'embed' tag found in data
5.0.0
Gwolle Guestbook: possible remote file inclusion using abspath
5.0.0
XSS - Prevention - POST : 'location' javascript object found in data
5.0.0
XSS - Prevention - POST : code allowing cookie access found in data
5.0.0
XSS - Prevention - POST : 'script' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'style' attribute found in data
5.0.0
XSS - Prevention - POST : suspicious 'applet' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'div' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'img' attribute found in data
5.0.0
XSS - Prevention - POST : suspicious 'meta' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'object' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'iframe' tag found in data
5.0.0
Authenticated File Upload in Ajax load more <= 2.8.1.1
5.0.0
     


 
 
 
 
 Risk level 
Moderate 

 Vulnerability First Public Report Date 
2015-10-15 

 Target Type 
Server 

 Possible exploit 
Remote