PT-2021-22525 · WordPress · Zoomsounds
Name of the Vulnerable Software and Affected Versions: Zoomsounds plugin versions = 6.45 for WordPress Description: The issue allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsap download action using directory traversal in the link...
CVE-2020-18127
An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily view files...
Design/Logic Flaw
CVE-2020-18127 affects Indexhibit 2.1.5, specifically the /config/config.php component. The vulnerability is an improper access control that lets an attacker view arbitrary files. Documented impact is file disclosure; no exploit details are provided in the sources. Related notices (e.g., PT-2021-...
PT-2021-10137 · Unknown · Indexhibit
Name of the Vulnerable Software and Affected Versions: Indexhibit version 2.1.5 Description: An issue in the "/config/config.php" component allows attackers to arbitrarily view files. Recommendations: For Indexhibit version 2.1.5, consider restricting access to the "/config/config.php" component...
WordPress Download Manager < 3.1.25 - Authenticated Directory Traversal
Authenticated Directory Traversal in WordPress Download Manager: go to Add New, name the post, and intercept the request when you click Submit for Review; no file needs to be uploaded. In the filepagetemplate parameter, swap out page-template-1col-flat.php for “\../../../../../wp-config.php”. Then preview the...
CVE-2021-24227
The Jetpack Scan team identified a Local File Disclosure vulnerability in the Patreon WordPress plugin before 1.7.0 that could be abused by anyone visiting the site. Using this attack vector, an attacker could leak important internal files like wp-config.php, which contains database credentials a...
CVE-2020-35951
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurre...
WordPress Quiz and Survey Master plugin security vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the Quiz and Survey Master plugin before 7.0.1 for WordPress that...
CVE-2020-15017
NeDi 1.9C is vulnerable to reflected cross-site scripting. The Devices-Config.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the sta GET parameter...
Cross site scripting
NeDi 1.9C is vulnerable to reflected cross-site scripting due to improper validation in Devices-Config.php. An attacker can inject arbitrary JavaScript via a crafted sta GET parameter, enabling client-side code execution. This is documented across multiple sources (NVD entry CVE-2020-15017 and re...
Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted to exploit old cross-site scripting (XSS) vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials. The attacks were...
CVE-2019-15075
An issue was discovered in iNextrix ASTPP before 4.0.1. webinterface/astpp/application/config/config.php does not have strong random keys, as demonstrated by use of the 8YSDaBtDHAB3EQkxPAyTz2I5DttzA9uR private key and the rfddEw232f encryption key...
Code injection
CVE-2019-19851
An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13, 14, and 15 within the Debug/Test page of the Superfecta module at the admin/config.php?display=superfecta URI. This affects Superfecta through 13.0.4.7, 14.x through 14.0.24, and 15.x through 15.0.2.20...
WP Fastest Cache < 0.9.0.3 - Cross-Site Request Forgery (CSRF) Arbitrary File Deletion
The plugin did not have a CSRF nonce check on the "wpfcdeletecurrentpagecache" action, allowing CSRF attacks against authenticated users to delete arbitrary files, including the wp-config.php file. PoC...