Wordpress Multiple Third Party Plugins Multiple Vulnerabilities


Description   (#Multiple vulnerabilities have been identified in third-party plugins for Wordpress:#- Polls Widget: SQL injection located in "question_id" parameter of "front_end.php" file#- Easy Poll: cross-site scripting and cross-site request forgery located in "wp_easy_poll.php" file#- YAWPP: cross-site scripting located in "field1" parameter#- Easy Coming Soon: cross-site scripting located in "admin.php" file#- Ilightbox: remote file inclusion located in "upload.php" file#- Squirrel Theme : local file inclusion located in "functions.php" file#- S3 Video : remote file inclusion located in "uploadify.php" file.##Proofs of concept are available.)
     
Vulnerable Products   Vulnerable Software:
WordPress (WordPress) - 1.5, 1.5.1.1, 2.0, 2.0.1, 2.0.3, ..., 4.2.1, 4.2.2, 4.2.3, 4.3, 4.3.1
     
Solution   - S3 Video: 0.91
     
CVE  
     
References   - 0day : WordPress Polls Widget Plugin 1.0.7 - SQL Injection Vulnerability
http://0day.today/exploit/24674
- Exploit-db : WordPress Plugin WP Easy Poll 1.1.3 - XSS and CSRF
https://www.exploit-db.com/exploits/38915/
- Wpvulndb : YAWPP <= 1.2.2 - Unauthenticated Persistent Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8351
- Wpvulndb : Easy Coming Soon <= 1.8.1 - Authenticated Persistent Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/8302
- 0day : WordPress ilightbox Plugin File Upload Vulnerability
http://0day.today/exploit/24700
- Packetstormsecurity : WordPress S3 Video Remote Shell Upload
https://packetstormsecurity.com/files/134772/wps3video-shell.txt
- Packetstormsecurity : WordPress Squirrel Theme 1.6.4 Remote File Inclusion
https://packetstormsecurity.com/files/134688/wpsquirrel-rfi.txt
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
XSS - Prevention - POST : suspicious 'meta' tag found in data
3.2.0
PHP : Remote file inclusion prevention : suspicious root_path parameter found in URL
3.2.0
XSS - Prevention - POST : suspicious 'img' attribute found in data
3.2.0
XSS - Prevention - POST : suspicious 'style' tag found in data
5.0.0
XSS - Prevention - POST : javascript code found in data
5.0.0
XSS - Prevention - POST : suspicious tag with event found in data
5.0.0
SQL injection Prevention - POST : suspicious UPDATE statement in data
5.0.0
XSS - Prevention - POST : suspicious 'embed' tag found in data
5.0.0
SQL injection Prevention - POST : suspicious SELECT statement in data
5.0.0
XSS - Prevention - POST : 'location' javascript object found in data
5.0.0
Upload of a PHP file in a vulnerable web application
5.0.0
SQL injection Prevention - POST : suspicious DECLARE statement in data
5.0.0
SQL injection Prevention - POST : suspicious OPENROWSET statement in data
5.0.0
SQL injection Prevention - POST : suspicious OPENQUERY statement in data
5.0.0
XSS - Prevention - POST : code allowing cookie access found in data
5.0.0
SQL injection Prevention - POST : suspicious CAST statement in data
5.0.0
SQL injection Prevention - POST : suspicious EXEC statement in data
5.0.0
SQL injection Prevention - POST : suspicious CREATE statement in data
5.0.0
SQL injection Prevention - POST : suspicious INSERT statement in data
5.0.0
XSS - Prevention - POST : 'script' tag found in data
5.0.0
SQL injection Prevention - POST : suspicious DROP statement in data
5.0.0
XSS - Prevention - POST : suspicious 'style' attribute found in data
5.0.0
SQL injection Prevention - POST : suspicious HAVING statement in data
5.0.0
XSS - Prevention - POST : suspicious 'applet' tag found in data
5.0.0
SQL injection Prevention - POST : suspicious UNION statement in data
5.0.0
XSS - Prevention - POST : suspicious 'div' tag found in data
5.0.0
SQL injection Prevention - POST : suspicious OR statement in data
5.0.0
XSS - Prevention - POST : suspicious 'img' attribute found in data
5.0.0
XSS - Prevention - POST : suspicious 'meta' tag found in data
5.0.0
XSS - Prevention - POST : suspicious 'object' tag found in data
5.0.0
SQL injection Prevention - POST : possible version probing in data
5.0.0
XSS - Prevention - POST : suspicious 'iframe' tag found in data
5.0.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2015-12-07 

 Target Type 
Server 

 Possible exploit 
Remote