reggaefestivalguide.com XSS vulnerability

Vulnerable URL: http://reggaefestivalguide.com/wp-content/themes/themerush/inc/plugins/shortcode/shortcodepopup.php?get=' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4150811 VIP...

topklip.net XSS vulnerability

Vulnerable URL: http://topklip.net/wp-content/themes/themerush/inc/plugins/shortcode/shortcodepopup.php?get=' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4299588 VIP website...

Wordpress forget-about-shortcode-buttons plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation of a set of PHP language development of the blogging platform, the platform supports PHP and MySQL server set up a personal blog site. get-about-shortcode-buttons is one of the plug-ins used to add CSS buttons in the post editor screen. A cross-site...

CVE-2016-1000133

Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1.1...

CVE-2016-1000133

Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1.1...

Cross site scripting

Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1.1...

CVE-2016-1000133

The Nuclei template confirms CVE-2016-1000133: a reflected XSS in WordPress plugin forget-about-shortcode-buttons v1.1.1, enabling arbitrary script execution in a user’s browser and potential cookie theft. Affected component: WordPress plugin forget-about-shortcode-buttons (version 1.1.1). Root c...

WordPress Ultimate Product Catalog 3.9.8 Plugin - (do_shortcode via ajax) Blind SQL Injection

Exploit for php platform in category web applications Exploit Title: Wordpress Ultimate-Product-Catalog getrow"SELECT FROM $cataloguestablename WHERE CatalogueID=" . $id; $CatalogueItems = $wpdb-getresults"SELECT FROM $catalogueitemstablename WHERE CatalogueID=" . $id . " ORDER BY Position";...

WordPress Jetpack Shortcode Embeds Module Code Injection

A cross-site scripting vulnerability exist reported in WordPress JetPack plugin Shortcode Embeds module. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

CVE-2015-5714

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

CVE-2015-5714

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

DEBIAN-CVE-2015-5714

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

CVE-2015-5714

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

Cross site scripting

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

UBUNTU-CVE-2015-5714

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

CVE-2015-5714

Cross-site scripting XSS vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags...

WordPress Booking Calendar Contact Form Plugin SQL Injection Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress Booking Calendar Contact Form plugin suffers from a SQL injection vulnerability by adding specially crafted shortco...

WordPress Booking Calendar Contact Form 1.0.23 Shortcode SQL Injection

Exploit Title: Wordpress booking calendar contact form =v1.0.23 - Unauthenticated blind SQL injection Date: 2016-02-08 Google Dork: Index of /wp-content/plugins/booking-calendar-contact-form Exploit Author: Joaquin Ramirez Martinez i0 SEC-LABORATORY Vendor Homepage: http://wordpress.dwbooster.com...

WordPress Booking Calendar Contact Form 1.1.23 Plugin - Shortcode SQL Injection

Exploit for php platform in category web applications Exploit Title: WordPress appointment-booking-calendar =1.1.23 - Shortcode SQL injection Date: 2016-01-24 Google Dork: Index of /wordpress/wp-content/plugins/appointment-booking-calendar/ Exploit Author: Joaquin Ramirez Martinez i0 security-lab...

WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection

Exploit Title: WordPress appointment-booking-calendar =1.1.23 - Shortcode SQL injection Date: 2016-01-24 Google Dork: Index of /wordpress/wp-content/plugins/appointment-booking-calendar/ Exploit Author: Joaquin Ramirez Martinez i0 security-lab Software Link:...