84 matches found
WordPress Relevanssi Plugin <= 3.3.7 - XSS
This vulnerability allows the attackers to inject arbitrary web script or HTML via unspecified vectors. Solution Update the plugin...
WordPress Relevanssi插件"category_name" SQL注入漏洞
WordPress是一款内容管理系统。 由于通过"categoryname"参数传递到index.php的输入 当"s"被设置在被用于SQL查询前未能正确过滤,攻击者可以利用漏洞通过注入任意SQL代码操纵SQL查询。 0 WordPress Relevanssi Plugin 3.3 厂商补丁: WordPress ----- WordPress Relevanssi 3.3及之后版本以修复此漏洞,建议用户下载使用: http://wordpress.org/plugins/relevanssi/changelog/...
WordPress Relevanssi Plugin 2.7.2- Stored XSS
Relevanssi plugin is prone to a stored cross-site scripting vulnerability that exists because of "search Query" variable is displayed and logged unsanitized in the "User Searches" section in the admin Dashboard. This vulnerability allows an attacker to inject malicious HTML code. Solution Update ...
WordPress Plugin Relevanssi 2.7.2 - Persistent Cross-Site Scripting
WordPress Plugin Relevanssi 2.7.2 - Persistent Cross-Site Scripting Exploit Title: Relevanssi User Searches WordPress plugin Stored XSS Date: 20-2-2011 Author: Saif El-Sherei Software Link: http://downloads.wordpress.org/plugin/relevanssi.2.7.2.zip Version: Relevanssi 2.7.2, WordPress 3.0.5 Teste...