Share
## https://sploitus.com/exploit?id=PACKETSTORM:214740
WP-Polls 2.73 - Reflected Cross-site Scripting
    Advisory ID: RO-16-005
    CVE ID: CVE-2016-10936
    Severity: Medium
    Vendor: WordPress
    Product: WP-Polls
    Version: 2.73
    
    
    Overview #
    
    A Reflected Cross-site Scripting (XSS) vulnerability exists in WP-Polls WordPress Plugin version 2.73.
    
    
    Vulnerability Details #
    
    Affected Versions: 2.73 and earlier
    
    CVE: CVE-2016-10936
    
    Root Cause: Insufficient input validation in the poll options page.
    Technical Details #
    
    Vulnerable URL: /wp-admin/admin.php?page=wp-polls/polls-options.php
    
    Vulnerable Parameter (POST): poll_bar_style
    
    Attack Pattern:
    
    '" onmouseover=alert(0x000C5A)
    
    
    
    Exploitation Requirements #
    
        Admin authentication required
        Victim must interact with the malicious element
    
    Impact #
    
    Remote attackers can exploit this vulnerability to:
    
        Steal admin session cookies
        Perform administrative actions
        Modify poll settings
    
    
    
    Solution #
    
    Update to the latest version of WP-Polls. See changelog.
    
    
    References #
    
        Invicti Advisory NS-16-009
    
    Timeline:
    
        [2016-06-28] - First Contact
        [2016-06-29] - Vendor Replied
        [2016-07-29] - Advisory Released
    
    Credits: Omar Kurt