############################# Exploit Title : Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 18/02/13 software link: http://wordpress.org/extend/plugins/responsive-logo-slideshow/ CVE Assigned - CVE-2013-1759 ############################# Responsive Logo Slideshow Plugin description The Responsive Logo Slideshow Plugin in Wordpress http://wordpress.org/extend/plugins/responsive-logo-slideshow/ has a Reflected/Stored? XSS Vulnerability in the URL and Image input box. If a malicious user is able to inject a script that may affect each and every viewer who visits the website. Once a malicious user compromises the login credentials, he may use these input fields to store malicious scripts and thus carry on a passive attack. ########################## XSS location URL and Image input box. Script Used- ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//"; alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-- ></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> ########################## Vendor Notification 05/02/2013 to: - Vendor notified awaiting action 17/02/2013 - The Plugin has been removed from the repository by the Wordpress Team
