BackWPup version 3.0.12 (WordPress plugin) is vulnerable to perform cross-site scripting (XSS) attacks against administrator of website. The vulnerability exists due to insufficient filtration of user-supplied data in "tab" HTTP GET parameter passed to "wp-admin/admin.php" script. A remote attacker can trick a logged-in administrator to open a specially crafted link and execute arbitrary HTML and script code in browser in context of the vulnerable website.
Full details and how-to exploit XSS vulnerability on BackWPup example available here. Solution: upgrade your installation to BackWPup 3.0.13.
No comments:
Post a Comment