0

WP Mailster (XSS) CVE-2017-17451

Today I will tell you about another Cross-site scripting that I discovered the plugin “WP Mailster” version 1.5.4.0 of the company Brandtoss (https://wpmailster.com/)

The security bug is found in the month parameter in the”wp-mailster/view/subscription/unsubscribe2. php” file which, as you can see in the following screenshot, lacks the necessary mechanisms to prevent code injection.

  <h2 class="componentheading mailsterUnsubscriberHeader">Unsubscription</h2>
    <div class="contentpane">
        <div id="mailsterContainer">
            <div id="mailsterUnsubscriber">
                <div id="mailsterUnsubscriberDescription"><?php echo $_GET['mes']; ?></div>
            </div>
        </div>
    </div>

 

The malicious code runs without problems

This screenshot shows the code inside the HTML body.

 

 

adm1n

Leave a Reply

Your email address will not be published. Required fields are marked *