Wordpress InTouch Theme 'intouch_failure' Parameter Cross Site Scripting Vulnerability

To exploit this issue an attacker must entice an unsuspecting user into following a malicious URI.

Following example URI is available.

http://www.example.com/wp-content/plugins/intouch/intouch.js.php?intouch_failure=[XSS]


 

Privacy Statement
Copyright 2010, SecurityFocus