Wordpress W3-Total-Cache Plugin 0.9.2.11 Persistant XSS Vulnerability.



WordPress Plugin w3-total-cache 0-day Stored Cross site Scripting Vulnerability.


Vulnerable Plugin - W3-total-cache Plugin
Vulnerable Version  - Version 0.9.2.11 and Prior.
Tested On - WordPress 3.6 on Windows 7, Linux.

Vulnerability:  Stored Cross Site Scripting.

W3-Total-Cache Plugin is Most defamed for its Poor Security.  Version of W3-total-cache Plugin ie Version 0.9.2.11, it is being hit by another major vulnerability which exploited Cleverly and Successfully can compromise the Admin Account of WordPress Site.

Following are the Steps:

1) Go to Dashboard.

 2) Click on Installed Plugins.


3) Go to W3-Total-Cache Plugin and Click on settings.


4) Go to Reverse Proxy and Click on page cache settings.

 5) Go to Cache Preload and Type Vector - "><img src=x onerror=prompt(0);>. in Sitemap URL and     Click on Save.


6) You will get a Prompt.


Here is a Video Demonstration of this Vulnerability.



Reach me at Facebook - https://www.facebook.com/heartstlear

Reach me at twitter - https://www.twitter.com/tush2388

Reach me at LinkedIn - http://www.linkedin.com/pub/tushar-kumbhare/69/8a7/9b8


Thanks.

Happy Hacking :)

{ 0 comments... read them below or add one }

Post a Comment

 

Receive All Free Updates Via Facebook.