3 matches found
EUVD-2015-9282
Malware in sbrugna...
WordPress avenirsoft-directdownload plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. avenirsoft-directdownload is a download button plugin used in it. A cross-site request forgery vulnerability exists in version 1.0 of...
CVE-2015-9442
The avenirsoft-directdownload plugin 1.0 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=avenirplugin...