OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Update on CVE assigned for Wordpress Plugin Simple Gmail Login

nauty.me04gmail.com
Date: Fri Dec 07 2012 - 02:29:05 CST


################
Application- Wordpress Plugin Simple Gmail Login
Exploit - Stack Trace Error
URL- http://wordpress.org/extend/plugins/simple-gmail-login/
################

Author- Aditya Balapure
Link - http://adityabalapure.blogspot.in/
CVE Assigned- CVE-2012-6313.

################
Description

Once you have installed this plugin you can login to wp-admin using your ordinary user name (or your email) and your password on GMail (your old wordpress password still works as well).

Another feature of this plugin is that you will get a log of everybody that logs into your wordpress application. In case you're having problems with this plugin you will find information about that in the same log.

################
Fatal error: Uncaught exception 'Exception' with message 'DateTimeZone::__construct() [<a href='datetimezone.--construct'>datetimezone.--construct</a>]: Unknown or bad timezone ()' in C:\xampp\htdocs\wordpress\wp-content\plugins\simple-gmail-login\simple-gmail-login.php:229 Stack trace: #0 C:\xampp\htdocs\wordpress\wp-content\plugins\simple-gmail-login\simple-gmail-login.php(229): DateTimeZone->__construct('') #1 C:\xampp\htdocs\wordpress\wp-content\plugins\simple-gmail-login\simple-gmail-login.php(210): SimpleGmail_Plugin->log('Plugin activate...', false) #2 [internal function]: SimpleGmail_Plugin->activate('') #3 C:\xampp\htdocs\wordpress\wp-includes\plugin.php(403): call_user_func_array(Array, Array) #4 C:\xampp\htdocs\wordpress\wp-admin\plugins.php(157): do_action('activate_simple...') #5 {main} thrown in C:\xampp\htdocs\wordpress\wp-content\plugins\simple-gmail-login\simple-gmail-login.php on line 229

################

Vendor- Informed, Patched & closed
URL - http://wordpress.org/extend/plugins/simple-gmail-login/changelog/