Uncategorized

Multiple Authenticated Stored XSS in NinjaForms Settings Page (Version 3.4.22)


Authenticated Stored XSS in NinjaForms Settings Page (Version 3.4.22). Background: A Spider Sec Ltd consultant discovered an Authenticated Stored XSS vulnerability in the Ninja Forms WordPress plugin which could allow attackers to hijack administrative cookies if the attack is coupled with a phishing campaign. Technical Details: The following parameters are vulnerable […]

Vulnerability Discovery

Registration Magic Multiple Unauthenticated XSS Vulnerabilities (Version 4.6.0.0)


Registration Magic Version 4.6.0.0 (Multiple XSS Vulnerabilities). Background: After discovering two new WordPress Plugin vulnerabilities on a recent web application penetration test (which were authenticated and difficult to weaponise) I decided to go in search for some higher ticket WordPress Plugin vulnerabilities in my spare time. I started downloading registration form and forum building plugins, […]

Vulnerability Discovery

Calculated Fields Form WP Plugin (Version <= 1.0.353) Authenticated Stored XSS


Calculated Fields Form WP Plugin (Version <= 1.0.353) Multiple Authenticated Stored XSS. Background: The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities in its input forms. These Calculated Fields Form vulnerabilities were discovered during a web application penetration test by a Spider Sec Ltd consultant. Technical Details: An […]

Vulnerability Discovery

Chained Quiz WP Plugin Unauthenticated Reflected XSS (Version 1.1.8.1)


Chained Quiz WP Plugin Unauthenticated Reflected XSS (Version 1.1.8.1). Background: During a web application penetration testing engagement, we discovered our client was using the Chained Quiz plugin to serve quizzes on the front end of their site. A quick analysis using WPScan uncovered several historic Chained Quiz vulnerabilities which had been disclosed in previous versions. As […]