# Exploit Title: Wordpress wp-shop Cross Site Scripting
# Exploit Author: Ashiyane Digital security Team
# Vendor Homepage: https://wordpress.org/plugins/wp-shop-original/
# Software Link: https://downloads.wordpress.org/plugin/wp-shop-original.zip
# Version: 3.4.3.18
# Date: 2015/9/14
# Tested on: windows 7 /FireFox
####################################################
#Exploit :
####################################################################
# Vulnerable File :
/wp-content/plugins/wp-shop-original/views/admin/settings.php
# Vulnerable code:
Line 78:
|
##########################################################
discovered by : Amir.ght(Goldhack)