WordPress Duplicator插件跨站脚本漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1121778 漏洞类型 跨站脚本
发布时间 2013-07-24 更新时间 2013-07-24
CVE编号 CVE-2013-4625 CNNVD-ID CNNVD-201307-511
漏洞平台 PHP CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/38676
https://www.securityfocus.com/bid/61425
https://cxsecurity.com/issue/WLB-2013070201
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-201307-511
|漏洞详情
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。Duplicator是其中的一个扩展插件,该插件的作用是将一个网站迁移/克隆到另一个位置。WordPress的Duplicator插件中存在跨站脚本漏洞,该漏洞源于程序没有正确过滤用户提交的输入。当用户浏览被影响的网站时,其浏览器将执行攻击者提供的任意代码,这可能导致攻击者窃取基于cookie的身份认证并发起其它攻击。Duplicator0.4.4版本中存在漏洞,其他版本也可能受到影响。
|漏洞EXP
source: http://www.securityfocus.com/bid/61425/info

The Duplicator plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Duplicator 0.4.4 is vulnerable; other versions may also be affected. 

http://www.example.com/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E
|参考资料

来源:www.htbridge.com
链接:https://www.htbridge.com/advisory/HTB23162
来源:XF
名称:duplicator-cve20134625-xss(85939)
链接:http://xforce.iss.net/xforce/xfdb/85939
来源:BID
名称:61425
链接:http://www.securityfocus.com/bid/61425
来源:support.lifeinthegrid.com
链接:http://support.lifeinthegrid.com/knowledgebase.php?article=20
来源:packetstormsecurity.com
链接:http://packetstormsecurity.com/files/122535/WordPress-Duplicator-0.4.4-Cross-Site-Scripting.html
来源:OSVDB
名称:95627
链接:http://osvdb.org/95627
来源:BUGTRAQ
名称:20130724Cross-SiteScripting(XSS)inDuplicatorWordPressPlugin
链接:http://archives.neohapsis.com/archives/bugtraq/2013-07/0161.html