Ashiyane DST Find WordPress Open Redirect & XSS Bugs

Iranian Security experts of Ashiyane Digital Security Team have find new WordPress vulnerabilities:

  1. WordPress JS External Link Info 1.21 Open Redirect Vulnerability – Detail: here And here –
  2. WordPress Tubepress Plugin v 2 Cross Site Scripting – Detail is here –
  3. WordPress No External links Plugin Open Redirect -Detail is here

XSS – Cross Site Scripting- is type of computer security vulnerability found in web applications enable attackers to inject client-sides script into web pages viewed by other users

Open redirect – Open redirect is applications that have parameter and redirects user to parameter value with no validation type Vulnerability is used in phishing attacks for user to visit malicious sites with user not knowing about problem

Discover By:

  1. Cloner-47
  2. Ac!D And thanks to: EhSan D3s!6n37, H.empire, M.hidden, Linx64, B0z0rgmehrMaziar, N3TC@TM.a.M.a.D, M.hacking, Sh.BlackHAT, V For vendetta, Sh.Cloner & Hassan
  3. Ac!D And thanks to: H.empire, M.hidden, M.hacking, Sh.BlackHAT, V for vendetta, Sh.Cloner & Hassan

All bugs find by Ashiyane DST is here And here

Ashiyane Digital Security Team home: http://ashiyane.org

Leave a Reply

Your email address will not be published. Required fields are marked *