Posts

Showing posts with the label Cross Site Request Forgery

Word Press Photo Plus Photo Search XSS/CSRF Vulnerability

The WordPress Photo Plus plugin suffers from a XSS/CSRF  Vulnerability.


# Exploit Title: Word Press Photo Plus, Photo Search XSS/CSRF Vulnerability
# Google Dork: inurl:plugins +inurl:wp-photo-album-plus +intext:"Photo Search"
# Date: 29/12/12
# Exploit Author: k3170makan
# Vendor Homepage: http://wordpress.org/extend/plugins/wp-photo-album-plus/
# Software Link: http://wordpress.org/extend/plugins/wp-photo-album-plus/
# Version: 4.8.11
# Tested on: Ubuntu 10.04

Labels

Show more