Sunday, December 11, 2011

Google reCAPTCHA WordPress Plugin - Reflected Cross-Site Scripting (XSS) Vulnerability

The reCAPTCHA WordPress plugin uses a CAPTCHA to prevent comment spam and also uses MailHide to prevent email spam.

Script Page: http://www.google.com/recaptcha
             http://wordpress.org/extend/plugins/wp-recaptcha

POC:
http://localhost/comment-page-1/?rcommentid=(id number)&rerror=XSS

Google dork: inurl:rcommentid= error=



A lot of sites use this plugin, so please don't be a bad boy ;)
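
For site owners who want to know whether this parameter has been probed, here is a log check, added as an example and not part of the original post or the plugin's code. It flags requests whose `rerror` value, after percent-decoding, is anything other than a short token. The token allow-list, the function names and the log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Assumption: a legitimate rerror value is a short error-code token
# (letters, digits, hyphen, underscore). Adjust to what your site emits.
SAFE_RERROR = re.compile(r"[A-Za-z0-9_-]{1,64}")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding (parse_qs has already decoded once)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_rerror(log_line):
    """Return the decoded rerror value if it is not a plain token, else None."""
    match = REQUEST.search(log_line)
    if not match:
        return None
    params = parse_qs(urlsplit(match.group(1)).query)
    for raw in params.get("rerror", []):
        value = fully_decode(raw)
        if not SAFE_RERROR.fullmatch(value):
            return value
    return None


# Constructed access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [11/Dec/2011:10:00:01 +0000] "GET /comment-page-1/?rcommentid=12&rerror=incorrect-captcha-sol HTTP/1.1" 200 5120',
    '203.0.113.9 - - [11/Dec/2011:10:02:17 +0000] "GET /comment-page-1/?rcommentid=12&rerror=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5188',
    '203.0.113.9 - - [11/Dec/2011:10:02:40 +0000] "GET /comment-page-1/?rcommentid=12&rerror=%253Cimg%2520src%253Dx%253E HTTP/1.1" 200 5170',
    '198.51.100.7 - - [11/Dec/2011:10:05:00 +0000] "GET /comment-page-1/?rcommentid=12 HTTP/1.1" 200 5001',
]


def scan(lines):
    """Return (client address, decoded rerror value) for each flagged line."""
    hits = []
    for line in lines:
        value = suspicious_rerror(line)
        if value is not None:
            hits.append((line.split()[0], value))
    return hits
```

Calling `scan(SAMPLE_LOG)` returns the two requests from 203.0.113.9, including the double-encoded one that a single decode pass would miss.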

sorry @w3af - Bonsai / Andres Riancho


