22 matches found
WordPress Stafflist 3.1.2 Cross Site Request Forgery Vulnerability
Exploit Title: WordPress Plugin stafflist 3.1.2 - CSRF Authenticated Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/stafflist/ Version: 3.1.2 Tested on: Firefox Contact me: h at spidersilk.com Summary: A CSRF vulnerability exists in staff record...
WordPress Plugin video-synchro-pdf 1.7.4 - Local File Inclusion
Exploit Title: WordPress Plugin video-synchro-pdf 1.7.4 - Local File Inclusion Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 26-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/video-synchro-pdf/ Version: 1.7.4 Tested on:...