Slideshow Plugin for WordPress settings.php Multiple Parameter XSS

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote web server hosts a PHP script that is affected by multiple
cross-site scripting vulnerabilities.

Description :

The version of Slideshow Plugin for WordPress installed on the remote
host fails to properly sanitize user-supplied input to the 'settings'
and 'inputFields' parameters of the 'settings.php' script before using
them to generate dynamic HTML output. An attacker may be able to
leverage these issues to inject arbitrary HTML and script code into a
user's browser to be executed within the security context of the
affected site.

Successful exploitation of either vulnerability requires that
PHP's 'register_globals' setting is set to 'on'.
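As an added illustration, not the plugin's code and not part of this Nessus entry: a hypothetical settings renderer showing the class of defect the description names (request parameters such as 'settings' and 'inputFields' written into HTML unescaped, populated by register_globals) beside a hardened version that reads input explicitly, restricts field names, and escapes output. Function and variable names are assumptions.

```php
<?php
// Added example; not the Slideshow Plugin's code. Names are hypothetical.

// Vulnerable pattern: with register_globals=on, request parameters named
// 'settings' and 'inputFields' silently become $settings and $inputFields.
// Writing them into markup without escaping lets a crafted value break out
// of the attribute and become HTML, which the browser renders in the
// context of the affected site.
function render_settings_vulnerable(array $settings, array $inputFields)
{
    $html = '';
    foreach ($inputFields as $name) {
        $value = isset($settings[$name]) ? $settings[$name] : '';
        // No escaping of $name or $value.
        $html .= '<input name="' . $name . '" value="' . $value . '">' . "\n";
    }
    return $html;
}

// Hardened pattern: take input only from an explicit request array (never
// implicit globals; register_globals should also be off in php.ini), accept
// only a fixed list of field names, and escape every value for an HTML
// attribute context with htmlspecialchars.
function render_settings_hardened(array $request, array $allowedFields)
{
    $html = '';
    foreach ($allowedFields as $name) {
        $raw   = isset($request[$name]) && is_string($request[$name]) ? $request[$name] : '';
        $sName = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
        $sVal  = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
        $html .= '<input name="' . $sName . '" value="' . $sVal . '">' . "\n";
    }
    return $html;
}

// Constructed sample input: a value that closes the attribute and injects a tag.
$sample = array('slideSpeed' => '1000"><b>injected</b>');

echo "Vulnerable output:\n" . render_settings_vulnerable($sample, array('slideSpeed'));
echo "Hardened output:\n"   . render_settings_hardened($sample, array('slideSpeed'));
```

The first output contains a live `<b>` element; the second keeps the whole value inside the attribute as `&quot;&gt;&lt;b&gt;...`, which is the behaviour a fix for this issue needs to guarantee for both reported parameters.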

Note that the install is also likely to be affected by an additional
cross-site scripting issue as well as multiple path disclosure
vulnerabilities, although Nessus has not tested for those.

See also :

http://www.waraxe.us/content-92.html

Solution :

Unknown at this time.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 63302

Bugtraq ID: 56090

CVE ID: