Title: Reflected XSS in Phpwhois component of adsense-click-fraud-monitoring wordpress plugin v1.7.5 |
Author: Larry W. Cashdollar, @_larry0 |
Date: 2015-05-11 |
[CVE-2015-3998] |
Download Site: https://wordpress.org/plugins/adsense-click-fraud-monitoring/ |
Vendor: |
Vendor Notified: 2015-05-12 |
Vendor Contact: dmitry@lukashin.ru |
Advisory: http://www.vapid.dhs.org/advisory.php?v=119http://www.vapid.dhs.org/advisory.php?v=119 |
Description: Prevents to be banned and excluded from your AdSense account due to malicious or unintended third party clicks on advertisements on your website. |
Vulnerability: A component phpwhois 4.2.5 (http://phpwhois.pw https://github.com/phpWhois/phpWhois) packaged with this plugin contains a reflected XSS vulnerability due to not properly sanitizing
user input before passing it to a html page:
36 if (isSet($_GET['query']))
37 {
38 $query = $_GET['query'];
39
40 if (!empty($_GET['output']))
41 $output = $_GET['output'];
42 else
43 $output = '';
.
.
62
63 $result = $whois->Lookup($query);
64 $resout = str_replace('{query}', $query, $resout);
65 $winfo = '';
66
|
Export: JSON TEXT XML |
Exploit Code:
|
Screen Shots: |
Notes: |