Slideshow Plugin for WordPress 'settings.php' Multiple Parameter XSS

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote web server hosts a PHP script that is affected by multiple
cross-site scripting vulnerabilities.

Description :

The version of Slideshow Plugin for WordPress installed on the remote
host fails to properly sanitize user-supplied input to the 'settings'
and 'inputFields' parameters of the 'settings.php' script before using
them to generate dynamic HTML output. An attacker can leverage these
issues to inject arbitrary HTML and script code into a user's browser
to be executed within the security context of the affected site.
Successful exploitation of these vulnerabilities requires that PHP's
'register_globals' setting is set to 'on'.

Note that the install is also reportedly affected by an additional
cross-site scripting issue as well as multiple path disclosure
vulnerabilities; however, Nessus has not tested for these issues.

See also :

http://www.waraxe.us/content-92.html
http://www.nessus.org/u?a09e3308

Solution :

Upgrade to version 2.1.13 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 63302

Bugtraq ID: 56090

CVE ID: