WordPress Popup Box - Easily Create WordPress Popups plugin <= 3.2.12 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress Popup Box - Easily Create WordPress Popups plugin = 3.2.12 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Popup Box versions = 3.2.12...

WordPress Hide Categories Or Products On Shop Page plugin <= 1.0.7 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Hide Categories Or Products On Shop Page versions = 1.0.7...

WordPress Customer Reviews Collector for WooCommerce plugin <= 4.6.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Customer Reviews Collector for WooCommerce versions = 4.6.1...

WordPress EchBay Admin Security plugin <= 1.3.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin EchBay Admin Security versions = 1.3.0...

WordPress Multiple Roles per User plugin <= 1.0 - Missing Authorization to Authenticated (Custom+) Privilege Escalation vulnerability

Missing Authorization to Authenticated Custom+ Privilege Escalation vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Multiple Roles per User versions = 1.0...

WordPress WP-OAuth plugin <= 0.4.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin WP-OAuth versions = 0.4.1...

WordPress Oceanpayment CreditCard Gateway plugin <= 6.0 - Missing Authentication to Unauthenticated Order Status Update vulnerability

Missing Authentication to Unauthenticated Order Status Update vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Oceanpayment CreditCard Gateway versions = 6.0...

WordPress ContentMX Content Publisher plugin <= 1.0.6 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin ContentMX Content Publisher versions = 1.0.6...

WordPress Premium Packages – Sell Digital Products Securely plugin <= 5.9.1 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin WPDM – Premium Packages versions = 5.9.1...

BruCON – Belgium's First Security Conference

BruCON – Belgium's First Security Conference BruCON, Belgium's first security conference is back for it's third edition on 19-22 September. After witnessing greater success in the past two years, this year's event is expected to attract more then 400 people from around Europe. BruCON conference...

scip-2962.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Wordpress 2.1.1 - Multiple Script Injection Vulnerabilities scip AG Vulnerability ID 2962 02/27/2007 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2962 I. INTRODUCTION "WordPress is a state-of-the-art semantic personal publishing platform with a focu...

ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ePortfolio version 1.0 Java Multiple Input Validation Vulnerabilities scip AG Vulnerability ID 2893 12/22/2006 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2893 I. INTRODUCTION ePortfolio is a e-banking application by TKS Banking Solutions. More...

[Full-disclosure] Content Management Framework &quot;G3&quot; - XSS Vulnerability in Search Function

Content Management Framework "G3" - XSS Vulnerability in Search Function INTRO According to the manufacturer, "G3" is a classic content-management-system, allowing customers to manage their own websites without knowing much about webpublishing. Information about the product is available at:...