Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scripting (XSS)


Description
The jQuery prettyPhoto library bundled with many WordPress plugins is vulnerable to DOM-based Cross-Site Scripting (XSS): content placed in the URL fragment (the part after #) is processed client-side and can execute script, as the proof of concept below shows.
Proof of Concept
http://www.example.com/#prettyPhoto[gallery]/1,<a onclick="alert(/esto-es-una-prueba/);">/
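As an added example, not prettyPhoto's code nor that of any plugin listed below, the following JavaScript contrasts the pattern behind this class of bug with a hardened handler. A lightbox that keeps its state in location.hash and concatenates that fragment-derived string into an HTML-creating sink (element.innerHTML, or jQuery's $() with a string starting with '<') lets a crafted fragment become live markup; the hardened version parses the fragment against an allowlist and moves only validated, typed values into the DOM as text. The #prettyPhoto[gallery]/1/ hash format is assumed from the proof of concept above, and the DOM stand-in object and all function names are constructed for the example.

```javascript
// Added example, not prettyPhoto's or any listed plugin's code.
// A lightbox that keeps its state in location.hash must treat that fragment
// as untrusted input. The "#prettyPhoto[<gallery>]/<index>/" format is
// assumed from this page's proof of concept; the DOM stand-in object below
// is constructed so the code runs in Node without a browser.

// --- Vulnerable pattern (for contrast) -----------------------------------
// Concatenating a fragment-derived string into element.innerHTML (or handing
// it to jQuery's $() when it starts with '<') makes the browser parse it as
// markup, so "<a onclick=...>" in the fragment becomes a live element.
function unsafeRender(container, hash) {
  container.innerHTML = '<div class="pp_nav">' + hash + '</div>';
  return container.innerHTML;
}

// --- Hardened handling ----------------------------------------------------
// Allowlist: gallery names are limited to a conservative character set and
// the image position must be a short run of digits. Anything else is rejected
// outright instead of being escaped and passed along.
const HASH_PATTERN = /^#?prettyPhoto\[([A-Za-z0-9_-]{1,64})\]\/(\d{1,6})\/?$/;

// location.hash may arrive percent-encoded; a malformed escape sequence makes
// decodeURIComponent throw, which is treated as "no valid state".
function decodeHash(rawHash) {
  try {
    return decodeURIComponent(rawHash);
  } catch (err) {
    return null;
  }
}

// Returns { gallery, index } for a well-formed fragment, otherwise null.
function parsePrettyPhotoHash(rawHash) {
  const decoded = decodeHash(rawHash);
  if (decoded === null) return null;
  const match = HASH_PATTERN.exec(decoded);
  if (match === null) return null;
  return { gallery: match[1], index: Number(match[2]) };
}

// Only validated, typed values reach the DOM, and only through textContent,
// which never creates elements. Returns true when state was rendered.
function safeRender(container, rawHash) {
  const state = parsePrettyPhotoHash(rawHash);
  if (state === null) {
    container.textContent = '';
    return false;
  }
  container.textContent = state.gallery + ' #' + state.index;
  return true;
}

// Constructed stand-in for a DOM element (no document available in Node).
function newContainer() {
  return { innerHTML: '', textContent: '' };
}

// Stand-alone demonstration with a benign fragment and a tag-bearing one.
function demo() {
  const benign = '#prettyPhoto[gallery]/1/';
  const hostile = '#prettyPhoto[gallery]/1,<a onclick="alert(1)">/';
  const c = newContainer();
  console.log('unsafe:', unsafeRender(c, hostile));        // tag survives into the markup
  console.log('safe (hostile):', safeRender(c, hostile));  // false: rejected, nothing rendered
  console.log('safe (benign):', safeRender(c, benign), c.textContent); // true "gallery #1"
}

demo();
```

When auditing a plugin that bundles a lightbox, the check is the data flow rather than the payload: trace window.location.hash (and location.href split on '#') to every .html(), .append(), innerHTML or $(string) call, and confirm that the string is either parsed into typed values as above or reaches the page only through a text sink. Upgrading to a fixed plugin version, where one is listed below, replaces the vulnerable library copy that the plugin ships.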

Affects

Plugins
alpine-photo-tile-for-instagram (fixed in version 1.2.7.5)
contact-bank (fixed in version 2.0.227)
dp-maintenance-mode-lite
ehive-account-details (fixed in version 2.1.3)
ehive-object-details (fixed in version 2.1.7)
embedplus-for-wordpress (fixed in version 5.4)
fancyflickr
foxyshop (fixed in version 4.6.1)
gallery-bank (fixed in version 3.0.229)
images-lazyload-and-slideshow (fixed in version 3.3)
image-slider-widget (fixed in version 1.1.7)
izeechat (fixed in version 1.1)
jcwp-youtube-channel-embed
lb-tube-video
matrix-image-gallery
mklasens-photobox
myblogu
mytreasures
onclick-show-popup (fixed in version 6.6)
random-image-gallery-with-pretty-photo-zoom (fixed in version 7.5)
reflex-gallery (fixed in version 3.1.5)
responsive-category-slider
responsive-lightbox (fixed in version 1.4.12)
s2member-secure-file-browser (fixed in version 0.4.17)
tallykit
ticket-manager
webrotate-360-product-viewer (fixed in version 2.5.2)
wp-business-directory
wp-easy-gallery (fixed in version 4.1.1)
wp-instagram-bank
wppizza (fixed in version 2.11.8.18)
wp-portfolio-gallery (fixed in version 1.2.0)
wp-video-lightbox (fixed in version 1.7.5)

References

URL https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
URL https://github.com/scaron/prettyphoto/issues/149
URL https://github.com/wpscanteam/wpscan/issues/818

Classification

Type XSS
OWASP Top 10 A3: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 941
Verified No
WPVDB ID 7985

Timeline

Publicly Published 2015-05-14
Added 2015-05-14
Last Updated 2015-11-25

Copyright & License

Copyright All data and resources contained within this page and this web site are Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.