7 matches found
WordPress Daily Edition Theme Full Path Information Disclosure Vulnerability
WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server set up their own weblog. WordPress Daily Edition theme version 1.6.7 suffers from an information disclosure vulnerability in the implementation, which allows attackers to exploit this...
WordPress Daily Edition Theme Unauthorized Upload Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on servers with PHP and MySQL.WordPress Daily Edition Theme is a theme plugin for wordpress. WordPress Daily Edition Theme thumb.php fails t...
WordPress Daily Edition Theme 1.6.2 Cross Site Scripting
WordPress Daily Edition Theme v1.6.2 XSS Cross-site Scripting Security Vulnerabilities Exploit Title: WordPress Daily Edition Theme /fiche-disque.php id Parameters XSS Security Vulnerabilities Product: WordPress Daily Edition Theme Vendor: WooThemes Vulnerable Versions: v1.6. v1.5. v1.4. v1.3...
WordPress Daily Edition 1.6.2 SQL Injection
WordPress Daily Edition Theme v1.6.2 SQL Injection Security Vulnerabilities Exploit Title: WordPress Daily Edition Theme v1.6.2 /fiche-disque.php id Parameters SQL Injection Security Vulnerabilities Product: WordPress Daily Edition Theme Vendor: WooThemes Vulnerable Versions: v1.6.2 Tested Versio...
WordPress Daily Edition Theme <= 1.6.2 - SQL Injection
This theme is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Update the theme...
WordPress Daily Edition Theme <= 1.6.2 - Unrestricted File Upload
Because of this vulnerability, the attackers can upload any file to the site by using this uploader. Solution Update the theme...
WordPress Daily Edition Theme - Remote Code Execution
There are a bug in this theme, that allows any website visitor to run and see the output of any shortcode. This gives unauthenticated visitors the same power to execute code on the server as regular publishers have. Solution Update the theme...