WordPress WP EasyCart Plugin Privilege Escalation

The WordPress WP EasyCart plugin from version 1.1.30 to 3.0.20 allows authenticated users of any user level to set any system option via a lack of validation in the ecajaxupdateoption and ecajaxclearalltaxrates functions located in /inc/admin/adminajaxfunctions.php. The module first changes the...

Pluck cms v4.7 CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: Pluck cms multiple vulnerabilità Date: 09/01/2012 Author: Gordon Security Vendor or Software Link: www.pluck-cms.org Version: 4.7 Category: webapps Website:www.gordon-security.blogspot.com C.S.R.F. 1 Grazie a questo P.o.c...