BulletProof Security 0.53.3 - Multiple Cross-site Scripting

Overview #

Multiple Cross-site Scripting (XSS) vulnerabilities exist in BulletProof Security WordPress Plugin version 0.53.3.

Vulnerability Details #

Affected Versions: 0.53.3 and earlier

Root Cause: Insufficient input validation and output escaping in the security log page.

Technical Details #

Vulnerable URL: /wp-admin/admin.php?page=bulletproof-security/admin/security-log/security-log.php

Vulnerable Parameter (POST): user-agent-ignore

Attack Pattern:

'"--></style></scRipt><scRipt>alert(0x001E32)</scRipt>
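The pattern above breaks out of an HTML attribute and opens a script element, which only works because the submitted value is written back into the page unescaped. As an added illustration (not the plugin's actual code), the following shows that unescaped pattern beside a hardened version that uses WordPress's own capability, nonce, sanitization and escaping APIs; the option name, form markup and function names are assumptions made for this example:

```php
<?php
// Illustrative example added here; not BulletProof Security's own code.
// Assumption: the security-log page stores a 'user-agent-ignore' setting
// and echoes it back into a form field (option name is hypothetical).

// VULNERABLE pattern (hypothetical reconstruction): the raw POST value is
// saved and written into an attribute without escaping, so a value that
// starts with '"--> terminates the attribute and injects markup.
function bps_demo_render_vulnerable() {
    if ( isset( $_POST['user-agent-ignore'] ) ) {
        update_option( 'bps_demo_ua_ignore', $_POST['user-agent-ignore'] ); // no nonce, no sanitization
    }
    $value = get_option( 'bps_demo_ua_ignore', '' );
    echo '<input type="text" name="user-agent-ignore" value="' . $value . '">'; // no output escaping
}

// HARDENED form: capability check, nonce check (the attack needs an
// authenticated admin to submit the form, i.e. CSRF-style delivery),
// sanitization on save, and context-appropriate escaping on output.
function bps_demo_render_hardened() {
    if ( isset( $_POST['user-agent-ignore'] ) ) {
        if ( ! current_user_can( 'manage_options' ) ) {
            wp_die( 'Insufficient permissions' );
        }
        check_admin_referer( 'bps_demo_save_ua_ignore' ); // rejects forged cross-site POSTs
        $clean = sanitize_text_field( wp_unslash( $_POST['user-agent-ignore'] ) );
        update_option( 'bps_demo_ua_ignore', $clean );
    }
    $value = get_option( 'bps_demo_ua_ignore', '' );
    echo '<form method="post">';
    wp_nonce_field( 'bps_demo_save_ua_ignore' );
    // esc_attr() HTML-encodes <, >, &, " and ', so the stored string can
    // never close the value attribute or start a <script> element.
    echo '<input type="text" name="user-agent-ignore" value="' . esc_attr( $value ) . '">';
    echo '<input type="submit" value="Save">';
    echo '</form>';
}
```

Sanitizing on input alone is not sufficient: the escaping call at output time is what makes the rendered page safe regardless of how the stored value got there.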

Exploitation Requirements #

  • Admin authentication required
  • Victim must interact with the malicious element

Impact #

Remote attackers can exploit these vulnerabilities to:

  • Steal admin session cookies
  • Perform administrative actions
  • Bypass security logging features

Solution #

Update to the latest version. See BPS Changelog.

References #