--e89a8ff1ccaefae749051e667db5
Content-Type: text/plain; charset=UTF-8

<!--
# Exploit Title: Wordpress Captain Slider Stored XSS
# Date: 2015/8/29
# Exploit Author: Arash Khazaei .
# Vendor Homepage: https://wordpress.org/plugins/captain-slider/
# Software Link: https://downloads.wordpress.org/plugin/captain-slider.zip
# Version: 1.0.6
# Tested on: Kali , Iceweasel Browser
# CVE : N/A
# Contact : http://twitter.com/0xClay
# Email : 0xclay@gmail.com
# Site : http://bhunter.ir

# Introduction :

# Wordpress Captain Slider Plugin Has 3000+ Active Installs
# And Suffers From A Stored XSS Vulnerability In The Title And Caption Section .
# Authors , Editors And Of Course Administrators Can Use This Vulnerability To Harm
The WebSite .

# Exploit :

# To Exploit This Vulnerability Go To The Manage Slider Section And Add A Slider ;
In Title And Caption Add Your Js Code .
# After Adding The New Slider Go To The Sorter Section , Then You Can See The Js Code
Executed .


Vulnerable Code :
-->
        <!-- NOTE(review): the three cells below are static, translated column headers
             (Order, Slide Image, Title) printed with _e() from the 'ctslider' text domain.
             No saved slide title or caption value is output anywhere in this excerpt, so the
             stored-XSS sink itself is not shown here; presumably it is where the saved
             title/caption is echoed in the rows of the sorter screen (confirm against the
             plugin source).
             Mitigation: escape saved values on output (esc_html() / esc_attr()) and
             sanitize them on save (sanitize_text_field() or wp_kses_post()). -->
        <th class="column-order"><?php _e('Order', 'ctslider'); ?></th>
        <th class="column-thumbnail"><?php _e('Slide Image', 'ctslider');
?></th>
        <th class="column-title"><?php _e('Title', 'ctslider'); ?></th>





<!-- Discovered By Arash Khazaei (Aka JunkyBoy) -->

--e89a8ff1ccaefae749051e667db5
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">&lt;!--<br># Exploit Title: Wordpress Captain Slider Store=
d XSS<br># Date: 2015/8/29<br># Exploit Author: Arash Khazaei .<br># Vendor=
 Homepage: <a href=3D"https://wordpress.org/plugins/captain-slider/">https:=
//wordpress.org/plugins/captain-slider/</a><br># Software Link: <a href=3D"=
https://downloads.wordpress.org/plugin/captain-slider.zip">https://download=
s.wordpress.org/plugin/captain-slider.zip</a><br># Version: 1.0.6<br># Test=
ed on: Kali , Iceweasel Browser<br># CVE : N/A<br># Contact : <a href=3D"ht=
tp://twitter.com/0xClay">http://twitter.com/0xClay</a><br># Email : <a href=
=3D"mailto:0xclay@gmail.com">0xclay@gmail.com</a><br># Site : <a href=3D"ht=
tp://bhunter.ir">http://bhunter.ir</a><br><br># Intrduction : <br><br># Wor=
dpress Captain Slider Plugin Have 3000+ Active Install <br># And Suffer Fro=
m A Stored XSS Vulnerability In Title And Caption Section .<br># Authors , =
Editors And Of Course Administrators This Vulnerability To Harm WebSite .<b=
r><br># Exploit : <br><br># To Exploit This Vulnerability Go To Manage Sild=
er Section And Add Slider In Title And Caption add Your Js Code .<br># Afte=
r Adding New Slider Go To Sorter Section Then You Can See Js Codes Executed=
 . <br><br><br>Vulnerable Code :<br>--&gt;<br>=C2=A0=C2=A0=C2=A0 =C2=A0=C2=
=A0=C2=A0 &lt;th class=3D&quot;column-order&quot;&gt;&lt;?php _e(&#39;Order=
&#39;, &#39;ctslider&#39;); ?&gt;&lt;/th&gt;<br>=C2=A0=C2=A0=C2=A0 =C2=A0=
=C2=A0=C2=A0 &lt;th class=3D&quot;column-thumbnail&quot;&gt;&lt;?php _e(&#3=
9;Slide Image&#39;, &#39;ctslider&#39;); ?&gt;&lt;/th&gt;<br>=C2=A0=C2=A0=
=C2=A0 =C2=A0=C2=A0=C2=A0 &lt;th class=3D&quot;column-title&quot;&gt;&lt;?p=
hp _e(&#39;Title&#39;, &#39;ctslider&#39;); ?&gt;&lt;/th&gt;<br>=C2=A0=C2=
=A0=C2=A0 =C2=A0=C2=A0=C2=A0 =C2=A0=C2=A0=C2=A0 <br><br><br><br><br>&lt;!--=
 Discovered By Arash Khazaei (Aka JunkyBoy) --&gt;<br></div>

--e89a8ff1ccaefae749051e667db5--