WordPress Esplanade 1.1.4 Theme Reflected XSS

基本字段

漏洞编号：: SSV-89533

披露/发现时间：: 未知

提交时间：: 2015-09-25

漏洞等级：

漏洞类别：: 跨站脚本

影响组件：: WordPress

漏洞作者：: 未知

提交者：: 正切

CVE-ID：: 补充

CNNVD-ID：: 补充

CNVD-ID：: 补充

ZoomEye Dork：: 补充

来源

漏洞详情

贡献者正切共获得 1.15KB

$_GET['tab'] is not escaped.File: esplanade\includes\theme-options.php<pre class=""><code class="language-php" data-lang="php" style="font-family: Menlo, Monaco, 'Courier New', monospace; font-size: 16px; border-radius: 3px;">function esplanade_theme_page() { add_theme_page( __( 'Esplanade Theme Options', 'esplanade' ), __( 'Theme Options', 'esplanade' ), 'edit_theme_options', 'esplanade_options', 'esplanade_admin_options_page' ); } add_action( 'admin_menu', 'esplanade_theme_page' ); function esplanade_admin_options_page() { ?> <div class="wrap"> <?php esplanade_admin_options_page_tabs(); ?> <?php if ( isset( $_GET['settings-updated'] ) ) : ?> <div class='updated'><?php _e( 'Theme settings updated successfully.', 'esplanade' ); ?></div> <?php endif; ?> <form action="options.php" method="post"> <?php settings_fields( 'esplanade_theme_options' ); ?> <?php do_settings_sections('esplanade_options'); ?> &nbsp; <?php $tab = ( isset( $_GET['tab'] ) ? $_GET['tab'] : 'general' ); ?> <input name="esplanade_theme_options[submit-<?php echo $tab; ?>]" type="submit" class="button-primary" value="<?php _e( 'Save Settings', 'esplanade' ); ?>" /> <input name="esplanade_theme_options[reset-<?php echo $tab; ?>]" type="submit" class="button-secondary" value="<?php _e( 'Reset Defaults', 'esplanade' ); ?>" /> <script> jQuery(document).ready(function($) { $('.wp-color-picker').wpColorPicker(); }); </script> </form> </div> <?php }</code></pre>