WordPress Plugin Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting

EDB-ID:

30105




Platform:

PHP

Date:

2013-12-08


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# Exploit Title: Wordpress Plugin: Wordpress Download Manager Free & Pro
Persistent Cross Site Scripting 

# Google Dork:

# Date: 12-06-2013

# Exploit Author: IT Nerdbox

# Vendor Homepage: http://www.wpdownloadmanager.com # Software Link:
http://downloads.wordpress.org/plugin/download-manager.zip

# Version: v3.3.8

# Tested on: Wordpress 3.7.1 on Linux CentOS # CVE : N/A

 

 

 

When creating a new download package you need to enter a title, description
and the file(s) that you want to be available for download. The title input
field is not sanitized and therefor vulnerable to persistent cross site
scripting. The payload used is <input onmouseover=prompt(document.cookie)>

 

 

More information, including screenshots, can be found at:

http://www.nerdbox.it/wordpress-download-manager-xss/