Tweet Blender WordPress Plugin version 4.0.1 is vulnerable to cross-site scripting (XSS), discovered by High-Tech Bridge Security Research Lab (advisory HTB23180).
Tweet Blender Wordpress Plugin provides several Twitter widgets: show your own tweets, show tweets relevant to post's tags, show tweets for Twitter lists, show tweets for hasht.
The Cross-Site Scripting (XSS) vulnerability in Tweet Blender exists due to insufficient sanitisation of user-supplied data in the "tb_tab_index" HTTP POST parameter passed to the "/wp-admin/options-general.php" script. A remote attacker can trick a logged-in administrator into opening a specially crafted link and execute arbitrary HTML and script code in the administrator's browser in the context of the vulnerable website.
The exploitation example below uses the "alert()" JavaScript function to display the word "ImmuniWeb":
<form action="http://[host]/wp-admin/options-general.php?page=tweet-blender/admin-page.php" method="post" name="main">
<input type="hidden" name="tb_tab_index" value='</script><script>alert("ImmuniWeb");</script>'>
<input type="submit" id="btn">
</form>
This vulnerability was patched in Tweet Blender version 4.0.2.
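The following is an added illustration, not code from Tweet Blender itself (which is PHP): a small Node.js model of an admin page that echoes the POST field "tb_tab_index" into an inline script block, which is what the proof-of-concept's leading "</script>" suggests. It contrasts the vulnerable string concatenation with an allow-listed integer and a script-context string encoder, and includes a simple check that counts how many times the script data is closed. The function and variable names are my own.

```javascript
// Added illustration (not Tweet Blender's own PHP): a Node.js model of an
// admin page that remembers the selected settings tab via the POST field
// "tb_tab_index". The advisory's payload starts with "</script>", so the
// value is assumed to be echoed into an inline <script> block.

// Vulnerable pattern: the raw parameter is concatenated into the markup.
// The browser's HTML tokenizer ends script data at the first "</script",
// so a value containing it closes the block and starts a new one.
function renderTabScriptVulnerable(postParams) {
  return `<script>var tbTab = '${postParams.tb_tab_index}';</script>`;
}

// Hardened pattern for this field: a tab index is a small non-negative
// integer, so allow-list it and fall back to tab 0 for anything else.
function renderTabScriptHardened(postParams) {
  const raw = String(postParams.tb_tab_index ?? "0");
  const tab = /^\d{1,2}$/.test(raw) ? Number(raw) : 0;
  return `<script>var tbTab = ${JSON.stringify(tab)};</script>`;
}

// For settings that genuinely are free text, JSON.stringify alone is not
// enough inside <script>: "</" must also be broken up so the HTML parser
// never sees "</script", and "<!--" so it never enters the escaped state.
function toJsStringLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/<\//g, "<\\/")
    .replace(/<!--/g, "<\\!--");
}
function renderTextSettingHardened(value) {
  return `<script>var tbLabel = ${toJsStringLiteral(value)};</script>`;
}

// Defender's check: a page with one inline script should contain exactly
// one "</script" sequence; any extra one means the script data was cut.
function closingScriptTagCount(html) {
  return (html.match(/<\/script/gi) || []).length;
}

// Constructed request using the advisory's proof-of-concept value.
const pocRequest = {
  tb_tab_index: '</script><script>alert("ImmuniWeb");</script>',
};

console.log(closingScriptTagCount(renderTabScriptVulnerable(pocRequest))); // 3
console.log(closingScriptTagCount(renderTabScriptHardened(pocRequest)));   // 1
console.log(closingScriptTagCount(
  renderTextSettingHardened(pocRequest.tb_tab_index)));                    // 1
```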