Published on August 21st, 2017 📆 | 8518 Views ⚑
0S-XSS To Defacement & Account TakeOver
iSpeech.org
#Nittam #TheNittam #XSS #Account #TakeOver
Write Up Available At http://nirmaldahal.com.np/sxss-to-defacement-and-account-takeove
This video shows the vulnerability on the "Ultimate SEO" plugin that took from S-XSS to account take over. This plugin was developed by Q2A themes which are free to use by the public. It is an open-source project.
The users with Q2A forum themes using this plugin are affected by this vulnerability.
This plugin is used by a mass number of people on their websites and by exploiting this vulnerability an attacker can easily access the user's account and even deface the website's targeted page.
Affected Plugin Version: 1.3
Patched Verison:
https://github.com/q2a-projects/Q2A-Ultimate-SEO
Social Network:
https://facebook.com/TheNittam
https://twitter.com/TheNittam
https://instagram.com/TheNittam
WebSite & Blog:
https://nirmaldahal.com.np
video, sharing, camera phone, video phone, free, upload
2017-08-21 00:57:53
source
Gloss