Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scripting (XSS)



Description
The jQuery prettyPhoto library bundled with many plugins was found to be vulnerable to DOM Cross-Site Scripting (XSS).
Proof of Concept
http://www.example.com/#prettyPhoto[gallery]/1,<a onclick="alert(/esto-es-una-prueba/);">/

Affects Plugins

fixed in version 1.2.7.5
- plugin closed
fixed in version 2.0.227
no known fix
- plugin closed
fixed in version 2.1.3
fixed in version 2.1.7
fixed in version 5.4
- plugin closed
no known fix
- plugin closed
fixed in version 4.6.1
fixed in version 3.3
fixed in version 1.1.7
fixed in version 2.0.0
no known fix
- plugin closed
no known fix
- plugin closed
no known fix
- plugin closed
fixed in version 0.0.8
- plugin closed
no known fix
- plugin closed
fixed in version 6.6
no known fix
- plugin closed
fixed in version 1.4.12
fixed in version 0.4.17
fixed in version 5.5
no known fix
- plugin closed
fixed in version 2.5.2
- plugin closed
no known fix
- plugin closed
no known fix
- plugin closed
fixed in version 2.11.8.18
fixed in version 1.2.0
fixed in version 1.7.5

References

URL https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
URL https://github.com/scaron/prettyphoto/issues/149
URL https://github.com/wpscanteam/wpscan/issues/818

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 10960
Verified No
WPVDB ID 7985

Timeline

Publicly Published 2015-05-14 (about 5 years ago)
Added 2015-05-14 (about 5 years ago)
Last Updated 2019-10-21 (8 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin