48 matches found
CVE-2018-11633
An issue was discovered in the MULTIDOTS Woo Checkout for Digital Goods plugin 2.1 for WordPress. If an admin user can be tricked into visiting a crafted URL created by an attacker via spear phishing/social engineering, the attacker can change the plugin settings. The function...
Cross site request forgery (csrf)
An issue was discovered in the MULTIDOTS Woo Checkout for Digital Goods plugin 2.1 for WordPress. If an admin user can be tricked into visiting a crafted URL created by an attacker via spear phishing/social engineering, the attacker can change the plugin settings. The function...
Updated wordpress package fixes security vulnerabilities
A denial of service flaw was found in the way Wordpress, a blog tool and publishing platform, performed hash computation when checking password for password protected blog posts. A remote attacker could provide a specially- crafted input that, when processed by the password checking mechanism of...
MGASA-2013-0198 Updated wordpress package fixes security vulnerabilities
A denial of service flaw was found in the way Wordpress, a blog tool and publishing platform, performed hash computation when checking password for password protected blog posts. A remote attacker could provide a specially- crafted input that, when processed by the password checking mechanism of...
WordPress MU 1.3.2 - active_plugins option Code Execution
WordPress MU 1.3.2 - activeplugins option Code Execution Website : http://www.buayacorp.com/ Advisory: http://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html This exploit uses activeplugins option to execute arbitrary PHP / includeonce './class-snoopy.php'; // Fix Snoopy cla...
Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit
Exploit for unknown platform in category web applications ================================================================= Wordpress MU Website : http://www.buayacorp.com/ Advisory: http://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html This exploit uses activeplugins optio...
Wordpress MU < 1.3.2 active_plugins option Code Execution Exploit
No description provided by source. ?php / WordPress MU blog's options overwrite Credits : Alexander Concha alex at buayacorp dot com Website : http://www.buayacorp.com/ Advisory: http://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html This exploit uses activeplugins option to...
CVE-2007-3421
The 1 login, 2 admin profile edit, 3 reminder, 4 edit profile, 5 profile view, 6 gallery view, 7 gallery comment, and 8 gallery feedback capabilities in web-app.org WebAPP before 0.9.9.7 do not verify presence of users in memberlist.dat, which has unknown impact and remote attack vectors...