==================================================== Product: Easy Social Icons WordPress plugin Vendor: CyberNetikz Tested Version: 1.2.2 Vulnerability Type: XSS [CWE-79] and CSRF [CWE-352] Risk Level: Medium Solution Status: Solved in version 1.2.3 Discovered and Provided: Eric Flokstra - ITsec Security Services ==================================================== [-] About the Vendor: Easy Social Icons is a WordPress plugin and can be used to set icons on the public page in order to link to social media platforms such as LinkedIn, Twitter or Facebook. [-] Advisory Details: It is discovered that insufficient validation is performed on the 'image_file' parameter enabling arbitrary JavaScript to be injected. On top of that no random tokens are used to prevent CSRF attacks. By combining these vulnerabilities an attacker could for example trick an admin into setting a persistent XSS payload on the public WordPress page. [-] Proof of Concept:
method="POST" enctype="multipart/form-data">