TUCoPS :: HP Unsorted W :: b1a-1395.htm

WP-UserOnline for WordPress Vulnerabilities
Vulnerabilities in WP-UserOnline for WordPress
Vulnerabilities in WP-UserOnline for WordPress


Hello Bugtraq!

I want to warn you about security vulnerabilities in plugin WP-UserOnline 
for WordPress.

-----------------------------
Advisory: Vulnerabilities in WP-UserOnline for WordPress
-----------------------------
URL: http://websecurity.com.ua/4177/ 
-----------------------------
Affected products: WP-UserOnline 2.62 and previous versions.
-----------------------------
Timeline:

26.04.2010 - found vulnerabilities.
30.04.2010 - announced at my site.
01.05.2010 - informed developer.
07.05.2010 - developer released WP-UserOnline 2.70. In version 2.70 the
developer fixed XSS, but not Full path disclosure vulnerabilities.
01.07.2010 - disclosed at my site.
-----------------------------
Details:

These are Cross-Site Scripting and Full path disclosure vulnerabilities.

XSS:

With help of special request to the site it's possbile to conduct XSS 
attack. For this it's needed to send GET request in special way (not in 
browser) to page http://site/?. 

This is persistent XSS. Vulnerability appears at page 
http://site/wp-admin/index.php?page=wp-useronline. 

Full path disclosure:

http://site/wp-content/plugins/wp-useronline/admin.php 

http://site/wp-content/plugins/wp-useronline/widget.php 

http://site/wp-content/plugins/wp-useronline/wp-stats.php 

http://site/wp-content/plugins/wp-useronline/wp-useronline.php 

http://site/wp-content/plugins/wp-useronline/scb/Widget.php 

http://site/wp-content/plugins/wp-useronline/scb/load.php 

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH