EUVD-2015-9284

Malware in sbrugna...

CVE-2015-9444

The altos-connect plugin 1.3.0 for WordPress has XSS via the wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/ PATHSELF...

WordPress altos-connect plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. altos-connect is one of the plugins used in it. A cross-site scripting vulnerability exists in version 1.3.0 of the WordPress...

CVE-2015-9444

The altos-connect plugin 1.3.0 for WordPress has XSS via the wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/ PATHSELF...

Design/Logic Flaw

The altos-connect plugin 1.3.0 for WordPress has XSS via the wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/ PATHSELF...

CVE-2015-9444

CVE-2015-9444 affects the WordPress altos-connect plugin version 1.3.0. Multiple connected sources confirm a cross-site scripting (XSS) vulnerability exposed via the plugin’s jQuery-validate demo path at wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/ PATH_SELF. The ...

CVE-2015-9444

The altos-connect plugin 1.3.0 for WordPress has XSS via the wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/ PATHSELF...

WordPress Altos Connect Widget 1.3.0 XSS 漏洞

文件：/wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php 上代码 " id="refreshimg" title="Click to refresh image"" width="132" height="46" alt="Captcha image" / Enter the characters as seen on the image above case insensitive: 第三行中...

Altos Connect Widget <= 1.3.0 - Unauthenticated Cross-Site Scripting (XSS)

The altos-connect WordPress plugin was affected by an Unauthenticated Cross-Site Scripting XSS security vulnerability. http://www.example.com/wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/"alert1...

Altos Connect Widget <= 1.3.0 - Unauthenticated Cross-Site Scripting (XSS)

The altos-connect WordPress plugin was affected by an Unauthenticated Cross-Site Scripting XSS security vulnerability. PoC http://www.example.com/wp-content/plugins/altos-connect/jquery-validate/demo/demo/captcha/index.php/"...

WordPress Altos Connect Widget Plugin <= 1.3.0 - Cross Site Scripting (XSS)

This plugin is prone to a cross site scripting vulnerability, because "PHPSELF" is printed without sanitization in a captcha demo page. Solution Update the plugin...

WordPress Altos Connect Widget 1.3.0 Cross Site Scripting Vulnerability

WordPress Altos Connect Widget plugin version 1.3.0 suffers from a cross site scripting vulnerability. Title: WordPress 'Altos Connect Widget' Plugin Version: 1.3.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-15 Download: - https://wordpress.org/plugins/altos-connect/ -...

WordPress Altos Connect Widget 1.3.0 Cross Site Scripting

Title: WordPress 'Altos Connect Widget' Plugin Version: 1.3.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-15 Download: - https://wordpress.org/plugins/altos-connect/ - https://plugins.svn.wordpress.org/altos-connect/ Notified WordPress: 2015-06-21...