List: oss-security
Subject: [oss-security] wow-moodboard-lite v1.1.1.1 Wordpress plugin has an open redirect
From: "Larry W. Cashdollar" <larry0 () me ! com>
Date: 2015-05-29 14:55:30
Message-ID: 6C936C2A-9CF0-4EAC-AA24-FB571775DEA1 () me ! com
Title: wow-moodboard-lite v1.1.1.1 Wordpress plugin has an open redirect
Author: Larry W. Cashdollar, @_larry0
Date: 2015-05-10
Download Site: https://wordpress.org/plugins/wow-moodboard-lite/
Vendor: mschot
Vendor Notified: 2015-05-19
Vendor Contact: https://profiles.wordpress.org/mschot/
Description:
A mood board is a type of collage consisting of images, text, and samples of objects in a composition. They may be physical or digital, and can be "extremely effective" presentation tools.
Vulnerability:
wowproxy.php doesn't require any authentication for the proxy images function, and the URL taken from the request is passed straight into a Location header without validation. Users can be misled into following a link to a malicious site via this feature.
    // Get the url of the image to be proxied
    $url = ( isset( $_POST[ 'url' ] ) ) ? $_POST[ 'url' ] : ( isset( $_GET[ 'url' ] ) ? $_GET[ 'url' ] : false );

    // The attacker-controlled value is used as the redirect target as-is:
    // no check on scheme, host or caller
    function proxyimages( $url )
    {
        header( "Location: ".$url );
        exit;
    }
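A hardened replacement for the redirect path shown above, as an added example that is not the plugin's code or the advisory author's: it only redirects to http(s) URLs whose host is on a fixed allow-list and answers everything else with a 400. The allow-listed host names are constructed sample values; in the plugin this would additionally sit behind WordPress's usual login or nonce check, which the advisory notes is missing.

```php
<?php
// Added example, not the plugin's code: a hardened replacement for the
// proxyimages() redirect above. Only http(s) URLs whose host is on a fixed
// allow-list are accepted as redirect targets; anything else gets a 400.
declare(strict_types=1);

// Hosts the proxy may send the browser to (constructed sample values).
const ALLOWED_IMAGE_HOSTS = ['images.example.com', 'cdn.example.net'];

// Return the URL if it is safe to redirect to, otherwise null.
function safe_proxy_target(string $url, array $allowed_hosts): ?string
{
    // Reject malformed or relative URLs outright.
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    // Plain web schemes only: no javascript:, data:, file: and so on.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;
    }
    // Image URLs never need embedded credentials; refuse them so the host
    // check below cannot be confused by a user@host form.
    if (isset($parts['user']) || isset($parts['pass'])) {
        return null;
    }
    // Exact, case-insensitive match against the allow-list (no prefix checks).
    $allowed = array_map('strtolower', $allowed_hosts);
    return in_array(strtolower($parts['host']), $allowed, true) ? $url : null;
}

function proxyimages(string $url): void
{
    $target = safe_proxy_target($url, ALLOWED_IMAGE_HOSTS);
    if ($target === null) {
        http_response_code(400);
        exit('Refusing to redirect to an untrusted URL');
    }
    header('Location: ' . $target, true, 302);
    exit;
}

// CLI self-check: an arbitrary external target like the one in the advisory
// is rejected, an allow-listed image URL passes through unchanged.
assert(safe_proxy_target('http://site_to_redirect/', ALLOWED_IMAGE_HOSTS) === null);
assert(safe_proxy_target('https://images.example.com/a.png', ALLOWED_IMAGE_HOSTS) === 'https://images.example.com/a.png');
assert(safe_proxy_target('https://other.example/x.png', ALLOWED_IMAGE_HOSTS) === null);
```

Run it with `php -d zend.assertions=1 file.php`; a silent exit means all three checks passed.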
CVE ID: CVE-2015-4070
OSVDB: 122368
Exploit Code:
• http://wp-site/wordpress/wp-content/plugins/wow-moodboard-lite/wowproxy.php?url=http://site_to_redirect
Advisory: http://www.vapid.dhs.org/advisory.php?v=120