560 matches found
PT-2015-5366
Name of the Vulnerable Software and Affected Versions Elegant Themes Divi theme for WordPress affected versions not specified Description A directory traversal issue exists in the Elegant Themes Divi theme for WordPress, allowing remote attackers to read arbitrary files. This is achieved by...
WordPress Plugin Photo Gallery 'wp-admin/admin-ajax.php' SQL Injection Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress plugin Photo Gallery 'wp-admin/admin-ajax.php'. Due to the program...
VulnCheck KEV: CVE-2014-9735
The ThemePunch Slider Revolution revslider plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to 1 upload and execute arbitrary files via an...
WordPress Paid Memberships Pro Plugin 1.7.14 - Directory Traversal
This vulnerability is in the services/getfile.php, It allows the attackers to read arbitrary files in the QUERYSTRING in a getfile action to wp-admin/admin-ajax.php. Solution Update the plugin...
CVE-2014-8375
SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selectedgroup parameter in a gbajaxgetgroup action to wp-admin/admin-ajax.php...
Wordpress Plugin CSSJockey Membership Modules Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title : Wordpress Plugin CSSJockey Membership Modules Code Execution Vulnerability Exploit Author : NULLPointer Contact : https://www.facebook.com/xenith.gianni Date : 20/09/2014 Vendor Homepage :...
WordPress Theme 3clicks Arbitrary File Download Vulnerability
WordPress Theme 3clicks suffers from Arbitrary File Download Vulnerability. POC : http://127.0.0.1/wp-admin/admin-ajax.php?action=revslidershowimage&img=LFD Google Dork : inurl:"/wp-content/themes/3clicks/" Demo Sites...
VulnCheck KEV: CVE-2014-9734
Directory traversal vulnerability in the Slider Revolution revslider plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php...
WordPress KenBurner Slider Arbitrary File Download
Exploit Title : WordPress Plugin KenBurner Slider Arbitrary File Download Vulnerability Google Dork: Index of /wp-content/plugins/kbslider Date: 2014-08-21 Exploit Author: MF0x and Daniel Pentest Vendor Homepage: http://codecanyon.net/item/responsive-kenburner-slider-jquery-plugin/1633038 Version...
BuddyPress Extended Friendship Request - wp-admin/admin-ajax.php friendship_request_message Parameter XSS
The BuddyPress Extended Friendship Request WordPress plugin was affected by a wp-admin/admin-ajax.php friendshiprequestmessage Parameter XSS security vulnerability...
WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities
No description provided by source. html !-- Exploit Title: WordPress IndiaNIC FAQ 1.0 Plugin CSRF + XSS Google Dork: inurl:wp-content/plugins/faqs-manager Date: 21.03.2013 Exploit Author: m3tamantra http://m3tamantra.wordpress.com/blog Vendor Homepage:...
WordPress Work The Flow Plugin 1.2.1 - Arbitrary File Upload
Work The Flow plugin is prone to an arbitrary file upload vulnerability that submit an image file via the wtf upload panel and intercept the POST request to /wp-admin/admin-ajax.php. Solution Edit the data from the control "acceptfiletypes"...
WordPress Plugin WP Cleanfix - Cross-Site Request Forgery
source: https://www.securityfocus.com/bid/59940/info The WP cleanfix plugin for WordPress is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are...
WordPress IndiaNIC FAQs Manager Plugin 1.0 - Multiple Vulnerabilities
IndiaNIC FAQ Settings Page is vulnerable for CSRF. The Ask Question area front-end is vulnerable for XSS. It is possible to insert alert1 in question parameter. The Captcha value can be read from captcha parameter hidden field =================== We don't need the captcha Image when we have this ...
WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities
WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities alert1 in question parameter. The Captcha value can be read from captcha parameter hidden field Part of Ask Question form =================== We don't need the captcha Image when we have this xD Request from Ask Question area X...
WordPress Plugin IndiaNIC FAQs Manager 1.0 - Multiple Vulnerabilities
alert1 in question parameter. The Captcha value can be read from captcha parameter hidden field Part of Ask Question form =================== We don't need the captcha Image when we have this xD Request from Ask Question area XSS in question parameter POST /wordpress/wp-admin/admin-ajax.php HTTP...
Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin
High-Tech Bridge Security Research Lab discovered vulnerability in CommentLuv WordPress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in CommentLuv wordpress plugin: CVE-2013-1409 The vulnerability exists due to insufficient filtration of...
WordPress Plugin Soundcloud Is Gold 2.1 - width Cross-Site Scripting
WordPress Plugin Soundcloud Is Gold 2.1 - width Cross-Site Scripting source: https://www.securityfocus.com/bid/53537/info The Soundcloud Is Gold plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverag...
PT-2012-3667 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: WordPress versions 3.3.1 and earlier Description: The issue is related to the wp create nonce function, which associates a nonce with a user account instead of a user session. This might make it easier for remote attackers to conduct cross-si...
DEBIAN-CVE-2007-2821
SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress before 2.2 allows remote attackers to execute arbitrary SQL commands via the cookie parameter...