CVE-2016-10882

The google-document-embedder plugin before 2.6.2 for WordPress has CSRF...

CVE-2016-10882

The CVE-2016-10882 entry concerns the WordPress plugin “google-document-embedder” prior to version 2.6.2, where a Cross-Site Request Forgery (CSRF) vulnerability is reported. Public sources in the connected documents consistently note CSRF as the issue, without detailing additional root causes be...

Spade - Android APK Backdoor Embedder

Quick and handy APK backdoor embedder with metasploit android payloads. Requirements metasploit Installation and execution Then you can download smap by cloning the Git repository: git clone https://github.com/suraj-root/spade.git cd spade/ ./spade.py Demo video Video YouTube: Download Spade...

Google Document Embedder < 2.6.2 - CSRF & XSS

The Google Doc Embedder WordPress plugin was affected by a CSRF & XSS security vulnerability...

Google Document Embedder < 2.6.1 - XSS

The Google Doc Embedder WordPress plugin was affected by a XSS security vulnerability...

chromium: information leakage

The PDF viewer does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and outofprocessinstance.cc...

CVE-2015-1302

The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and outofprocessinstance.cc...

UBUNTU-CVE-2015-1302

The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and outofprocessinstance.cc...

CVE-2015-1302

The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and outofprocessinstance.cc...

chromium-browser: information leak in PDF viewer

The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin loading, related to pdf.js and outofprocessinstance.cc...

WordPress Google Document Embedder 2.5.14 SQL Injection

SQL Injection vulnerability in Google Document Embedder gpid parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

WordPress Google Doc Embedder Plugin Cross-Site Scripting (CVE-2015-1879)

A cross-site scripting vulnerability has been reported in WordPress Google Doc Embedder Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

Google Doc Embedder <= 2.5.18 - Cross-Site Scripting (XSS)

The Google Doc Embedder WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

WordPress Plugin Google Doc Embedder Cross-Site Scripting Vulnerability

WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server to set up their own weblog. Google Doc Embedder plugin is available to PDF, MS Office and other file types embedded in the web page plug-ins. WordPress plugin Google Doc Embedder has a...

CVE-2015-1879

Cross-site scripting XSS vulnerability in the Google Doc Embedder plugin before 2.5.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the profile parameter in an edit action in the gde-settings page to wp-admin/options-general.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the Google Doc Embedder plugin before 2.5.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the profile parameter in an edit action in the gde-settings page to wp-admin/options-general.php...

CVE-2015-1879

CVE-2015-1879 affects the WordPress plugin Google Doc Embedder. The vulnerability is a cross-site scripting (XSS) flaw in the plugin prior to version 2.5.19, exploitable via the profile parameter in an edit action on the gde-settings page (to wp-admin/options-general.php). Root cause: improper ha...

WordPress Google Document Embedder Plugin <= 2.5.18 - XSS

This vulnerability allows an attacker to inject arbitrary web script or HTML via the "profile" parameter in the gde-settings page to wp-admin/options-general.php. Solution Upgrade the plugin...

WordPress Plugin Google Doc Embedder 'options-general.php' HTML Injection Vulnerability

WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server set up their own weblog. An HTML injection vulnerability in the WordPress plugin Google Doc Embedder 'options-general.php' allows attackers to run supplied HTML and script code or steal...

WordPress Google Doc Embedder 2.5.18 Cross Site Scripting

Title: WordPress 'Google Doc Embedder' plugin - XSS Version: 2.5.18 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2015/01/26 Download: https://wordpress.org/plugins/google-document-embedder/ Contacted WordPress: 2015/01/26 ==========================================================...