WordPress Plugin w3-total-cache 0-day Stored Cross site Scripting Vulnerability.
Vulnerable Plugin - W3-total-cache Plugin
Tested On - WordPress 3.6 on Windows 7, Linux.
Vulnerability: Stored Cross Site Scripting.
W3-Total-Cache Plugin is Most defamed for its Poor Security. Version of W3-total-cache Plugin ie Version 0.9.2.11, it is being hit by another major vulnerability which exploited Cleverly and Successfully can compromise the Admin Account of WordPress Site.
Following are the Steps:
1) Go to Dashboard.
2) Click on Installed Plugins.
3) Go to W3-Total-Cache Plugin and Click on settings.
4) Go to Reverse Proxy and Click on page cache settings.
5) Go to Cache Preload and Type Vector - "><img src=x onerror=prompt(0);>. in Sitemap URL and Click on Save.
6) You will get a Prompt.
Here is a Video Demonstration of this Vulnerability.
Reach me at Facebook - https://www.facebook.com/heartstlear
Reach me at twitter - https://www.twitter.com/tush2388
Reach me at LinkedIn - http://www.linkedin.com/pub/tushar-kumbhare/69/8a7/9b8
Thanks.
Happy Hacking :)