Ashiyane DST Find WordPress Open Redirect & XSS Bugs
Iranian Security experts of Ashiyane Digital Security Team have find new WordPress vulnerabilities:
- WordPress JS External Link Info 1.21 Open Redirect Vulnerability – Detail: here And here –
- WordPress Tubepress Plugin v 2 Cross Site Scripting – Detail is here –
- WordPress No External links Plugin Open Redirect -Detail is here –
XSS – Cross Site Scripting- is type of computer security vulnerability found in web applications enable attackers to inject client-sides script into web pages viewed by other users
Open redirect – Open redirect is applications that have parameter and redirects user to parameter value with no validation type Vulnerability is used in phishing attacks for user to visit malicious sites with user not knowing about problem
Discover By:
- Cloner-47
- Ac!D And thanks to: EhSan D3s!6n37, H.empire, M.hidden, Linx64, B0z0rgmehr, Maziar, N3TC@T, M.a.M.a.D, M.hacking, Sh.BlackHAT, V For vendetta, Sh.Cloner & Hassan
- Ac!D And thanks to: H.empire, M.hidden, M.hacking, Sh.BlackHAT, V for vendetta, Sh.Cloner & Hassan
All bugs find by Ashiyane DST is here And here
Ashiyane Digital Security Team home: http://ashiyane.org