Wednesday, 4 January 2012

Wordpress 3.3 XSS vulnerability














# Exploit Title: Reflected Cross Site Scripting in wordpress 3.3

# Google Dork: intext:"Proudly powered by WordPress"
# Date: 2.Jan.2012
# Author: Aditya Modha, Samir Shah
# Greetz: Jigar Soni, Mr 52
# Software Link: http://www.wordpress.org/download/
# Version: 3.3
# Tested on: apache
# CVE :  Nope.Step 1
: Post a comment to the target websiteStep 2


: Replace the value
of author
Posted by at
Labels: , , , , , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)