Monday, October 29, 2012

XSS vulnerability in Wordpress themes by Kriesi

According to my tests, the following premium Wordpress themes by Kriesi are affected by a reflected Cross-site Scripting (XSS) vulnerability:

Sales figures are based on Themeforest statistics. Over 16,000 web sites could be affected.

Developer status: notified initially on 5th of October
Latest developer response (24-Oct) : rolling out fixes in the near future.
Developer home page: http://www.kriesi.at/
Official support forum: http://www.kriesi.at/support/

Examples

Broadscope theme: injecting a fake login form using an iframe tag (note: a real attacker would most likely mimic the target site's layout and style):


Choices theme: external JavaScript that displays the browser cookie:


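Both screenshots above show the same root cause: a value taken from the request is reflected into the page without output encoding. The following is an added illustration written for this post, not code from any Kriesi theme: a generic WordPress-style search heading and input rendered first without escaping and then with the context-appropriate WordPress escaping functions. It assumes it runs inside WordPress; the fallback definitions at the top are there only so it also runs under plain `php` for reading along. The sample input is constructed and mirrors the tag-injection case shown above.

```php
<?php
// Added example, not the theme author's code. Inside WordPress, esc_html() and
// esc_attr() are core functions; these fallbacks only let the file run standalone.
if ( ! function_exists( 'esc_html' ) ) {
    function esc_html( $text ) {
        return htmlspecialchars( (string) $text, ENT_QUOTES, 'UTF-8' );
    }
}
if ( ! function_exists( 'esc_attr' ) ) {
    function esc_attr( $text ) {
        return htmlspecialchars( (string) $text, ENT_QUOTES, 'UTF-8' );
    }
}

// VULNERABLE pattern: the search string from the query string is echoed as-is.
// Any markup in it becomes part of the page (an iframe, a <script> tag, ...).
function render_search_heading_vulnerable( $query ) {
    return '<h2>Search results for: ' . $query . '</h2>';
}

// HARDENED: encode for the HTML-body context before echoing.
function render_search_heading_safe( $query ) {
    return '<h2>Search results for: ' . esc_html( $query ) . '</h2>';
}

// HARDENED: a value inside a quoted attribute needs attribute encoding, so that
// a stray quote cannot close the attribute and start a new tag.
function render_search_input_safe( $query ) {
    return '<input type="text" name="s" value="' . esc_attr( $query ) . '">';
}

// Constructed sample input: the same tag-injection idea as the screenshot above.
$sample = isset( $_GET['s'] ) ? $_GET['s'] : '"><iframe src="https://fake-login.example/"></iframe>';

echo render_search_heading_vulnerable( $sample ), "\n"; // iframe is rendered by the browser
echo render_search_heading_safe( $sample ), "\n";       // shown literally as &lt;iframe ...&gt;
echo render_search_input_safe( $sample ), "\n";         // quote becomes &quot;, attribute stays closed
```

The rule the hardened functions follow is to escape at the point of output, choosing the function for the context the value lands in (`esc_html` for element content, `esc_attr` inside attributes, `esc_url` for href/src values, and `wp_kses` only when a limited set of markup is genuinely wanted). Theme code that does this consistently is not affected by the class of bug described in this post, regardless of which request parameter the attacker controls.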
Further reading:

Analysis of 15 million cyber attacks - posted on 22-Oct on Help Net Security. According to the article, XSS is now the most common attack type.

Update 30-Oct:
- The Open Source Vulnerability Database entries can be found here
- My post on Themeforest forum was removed without explanation
- Propulsion and Sentence themes added
