Vulnerability category: CGI
Vulnerability severity:
Vulnerability information
WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. The Duplicator plugin gives WordPress users an ability to migrate, copy, move or clone a site from one location to another and also serves as a simple backup utility.
The installer.php source file in versions of the Snap Creek Duplicator (WordPress Site Migration & Backup) plugin prior to 1.2.30 contains a cross-site scripting (XSS) vulnerability because the "url_new" value handled in /wp-content/plugins/duplicator/installer/build/view.step4.php and the "logging" value handled in /wp-content/plugins/duplicator/installer/build/view.step2.php are not sufficiently sanitized when they carry user-supplied input. This could allow an attacker to execute arbitrary HTML and script code in a user's browser session under the context of the site.
Affected Versions:
Snap Creek Duplicator 1.2.28 and prior
QID Detection Logic:
This unauthenticated detection transmits a benign XSS payload to the following resources:
/wp-content/plugins/duplicator/installer/build/view.step4.php via the url_new parameter
/wp-content/plugins/duplicator/installer/build/view.step2.php via the logging parameter.
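How a reflection check of the kind described above can judge a response, as an added example (not the QID's actual logic and not the plugin's code). The marker format, the markup produced by `render_sample` and all function names are assumptions, and the response bodies are constructed so the block runs offline.

```python
import html
import secrets


def make_marker() -> str:
    """Harmless probe value: a random token wrapped in characters that
    only survive intact when the page does no HTML encoding."""
    return f'"><probe-{secrets.token_hex(4)}>'


def render_sample(marker: str, patched: bool) -> str:
    """Constructed response body standing in for the installer step page.
    The markup is an assumption, not copied from the plugin."""
    value = html.escape(marker, quote=True) if patched else marker
    return f'<form><input type="text" name="url_new" value="{value}"></form>'


def classify_reflection(body: str, marker: str) -> str:
    """Decide how the submitted marker came back in the response body."""
    if marker in body:
        return "reflected-unescaped"   # markup characters intact: finding
    encoded = {html.escape(marker, quote=True), html.escape(marker, quote=False)}
    if any(e in body for e in encoded):
        return "reflected-escaped"     # echoed, but neutralised
    return "not-reflected"


if __name__ == "__main__":
    m = make_marker()
    for label, patched in (("unpatched", False), ("patched", True)):
        print(label, classify_reflection(render_sample(m, patched), m))
```

Only the "reflected-unescaped" result indicates that the parameter reaches the page without output encoding; an escaped echo is the behaviour expected from a fixed version.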
Impact
Successful exploitation could allow an attacker to execute arbitrary HTML and script code in a user's browser session under the context of the site. This may allow the attacker to access sensitive browser-based information such as authentication cookies and recently submitted data.
Solution
Customers are advised to upgrade their WordPress plugin to Snap Creek Duplicator 1.2.30 or later versions to remediate this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities: