SNS Vulnerability

Wordpress Multiple Third Party Plugins Multiple Vulnerabilities

Description

(#Several vulnerabilities have been identified in third-party plugins for WordPress:#- Facebook With Login: multiple SQL injection and cross-site scripting#- Issuu Panel: local and remote file inclusion#- WP External Links: multiple cross-site scripting#- GravityForms: cross-site scripting#- Music Store: cross-site scripting#- Claptastic Clap! Button: cross-site scripting#- CloudFlare: multiple cross-site scripting#- IMDb Profile Widget: local file inclusion#- Visual Form Builder: multiple cross-site scripting#- Photocart Link: local file inclusion#- Favorite Posts: cross-site scripting#- Ocim MP3 Plugin: reflected cross-site scripting#- Music Store: cross-site scripting#- MailChimp Subscribe Forms: remote code execution.##Proofs of concept are available.)

Vulnerable Products

Vulnerable Software:
WordPress (WordPress) -

Solution

- MailChimp Subscribe Forms: 3.6

CVE

References

- 0day : WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution Vulnerability
http://0day.today/exploit/25113
- 0day : WordPress Facebook With Login 1.0 Cross Site Scripting / SQL Injection Vulnerabilities
http://0day.today/exploit/25112
- 0day : WordPress Issuu Panel 1.6 Remote / Local File Inclusion Vulnerabilities
http://0day.today/exploit/25111
- Vulnerability-lab : WP External Links v1.80 - Cross Site Vulnerabilities
http://www.vulnerability-lab.com/get_content.php?id=1788
- 0day : WordPress GravityForms 1.9.15.11 Cross Site Scripting Vulnerability
http://0day.today/exploit/25023
- Cxsecurity : WordPress Music Store 1.0.41 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2016030148
- Cxsecurity : WordPress Claptastic Clap! Button 1.3 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2016030147
- Cxsecurity : WordPress CloudFlare 1.3.20 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2016030146
- Cxsecurity : WordPress IMDb Profile Widget 1.0.8 Local File Inclusion
https://cxsecurity.com/issue/WLB-2016030145
- Cxsecurity : WordPress Visual Form Builder 2.8.6 Cross Site Scripting
https://cxsecurity.com/issue/WLB-2016030144
- Cxsecurity : WordPress Photocart Link 1.6 Local File Inclusion
https://cxsecurity.com/issue/WLB-2016030143
- Wpvulndb : WP Favorite Posts <= 1.6.5 - Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8423
- Wpvulndb : Ocim MP3 Plugin - Unauthenticated Reflected Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8425
- Wpvulndb : Music Store <= 1.0.41 - Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8429
- Wpvulndb : CloudFlare <= 1.3.20 - Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8428
- Wpvulndb : Claptastic clap! Button <= 1.3 - Authenticated Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8427
- Wpvulndb : IMDb Profile Widget <= 1.0.8 - Local File Inclusion (LFI)
https://wpvulndb.com/vulnerabilities/8426

Vulnerability Manager Detection

IPS Protection

ASQ Engine alarm	Available Since
XSS - Prevention - GET : suspicious 'iframe' tag found in URL	3.2.0
XSS - Prevention - GET : suspicious 'meta' tag found in URL	3.2.0
Misc : Directory traversal - parameter starting with ../	3.2.0
XSS - Prevention - GET : suspicious tag with event found in URL	3.2.0
XSS - Prevention - POST : suspicious 'meta' tag found in data	3.2.0
XSS - Prevention - GET : suspicious 'applet' tag found in URL	3.2.0
Directory traversal using ..\..	3.2.0
XSS - Phishing : suspicious 'div' tag found in URL	3.2.0
XSS - Prevention - GET : suspicious 'style' attribute found in URL	3.2.0
XSS - Prevention - GET : suspicious 'img' tag found in URL	3.2.0
XSS - Prevention - POST : suspicious 'img' attribute found in data	3.2.0
Directory traversal	3.2.0
XSS - Phishing : suspicious 'a' tag found in URL	3.2.0
XSS - Prevention - GET : cookie access attempt using script language found in URL	3.2.0
PHP : Remote file inclusion prevention : URL found as parameter	3.2.0
XSS - Prevention - GET : suspicious 'embed' tag found in URL	3.2.0
XSS - Prevention - GET : suspicious 'object' tag found in URL	3.2.0
XSS - Phishing : suspicious 'form' tag found in URL	3.2.0
XSS - Prevention - GET : javascript code found in URL	3.2.0
XSS - Prevention - GET : evasion attempt using tag characters encoding in URL	3.2.0
Directory traversal backward root folder	3.2.0
XSS - Prevention - GET : suspicious 'style' tag found in URL	3.2.0
XSS - Phishing : suspicious 'link' tag found in URL	3.2.0
XSS - Prevention - GET : 'script' tag found in URL	3.2.0
XSS - Prevention - GET : 'location' javascript object found in URL	3.2.0
XSS - Prevention - GET : suspicious 'div' tag found in URL	3.2.0
Misc : Local File Inclusion - suspicious /etc/passwd found in URL	3.5.0
XSS - Prevention - POST : suspicious 'style' tag found in data	5.0.0
XSS - Prevention - POST : javascript code found in data	5.0.0
XSS - Prevention - POST : suspicious tag with event found in data	5.0.0
SQL injection Prevention - POST : suspicious UPDATE statement in data	5.0.0
XSS - Prevention - POST : suspicious 'embed' tag found in data	5.0.0
SQL injection Prevention - POST : suspicious SELECT statement in data	5.0.0
XSS - Prevention - POST : 'location' javascript object found in data	5.0.0
SQL injection Prevention - POST : suspicious DECLARE statement in data	5.0.0
SQL injection Prevention - POST : suspicious OPENROWSET statement in data	5.0.0
SQL injection Prevention - POST : suspicious OPENQUERY statement in data	5.0.0
XSS - Prevention - POST : code allowing cookie access found in data	5.0.0
PHP tags found in URL	5.0.0
SQL injection Prevention - POST : suspicious CAST statement in data	5.0.0
SQL injection Prevention - POST : suspicious EXEC statement in data	5.0.0
SQL injection Prevention - POST : suspicious CREATE statement in data	5.0.0
SQL injection Prevention - POST : suspicious INSERT statement in data	5.0.0
XSS - Prevention - POST : 'script' tag found in data	5.0.0
SQL injection Prevention - POST : suspicious DROP statement in data	5.0.0
XSS - Prevention - POST : suspicious 'style' attribute found in data	5.0.0
SQL injection Prevention - POST : suspicious HAVING statement in data	5.0.0
XSS - Prevention - POST : suspicious 'applet' tag found in data	5.0.0
SQL injection Prevention - POST : suspicious UNION statement in data	5.0.0
XSS - Prevention - POST : suspicious 'div' tag found in data	5.0.0
SQL injection Prevention - POST : suspicious OR statement in data	5.0.0
XSS - Prevention - POST : suspicious 'img' attribute found in data	5.0.0
XSS - Prevention - POST : suspicious 'meta' tag found in data	5.0.0
XSS - Prevention - POST : suspicious 'object' tag found in data	5.0.0
SQL injection Prevention - POST : possible version probing in data	5.0.0
PHP : RFI attack attempt on a vulnerable application	5.0.0
XSS - Prevention - POST : suspicious 'iframe' tag found in data	5.0.0

Risk level

Moderate

Vulnerability First Public Report Date

2016-03-24

Target Type

Server

Possible exploit

Remote