EUVD-2015-0928

Malware in sbrugna...

EUVD-2015-1521

Malware in sbrugna...

WordPress Plugin Banner Effect Header 'banner_effect_divide' Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Banner Effect Header 'bannereffectdivide' as it fails to...

CVE-2015-1384

Cross-site scripting XSS vulnerability in the Banner Effect Header plugin before 1.2.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the bannereffectdivid parameter in the BannerEffectOptions page to wp-admin/options-general.php...

Cross site scripting

Cross-site scripting XSS vulnerability in the Banner Effect Header plugin before 1.2.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the bannereffectdivid parameter in the BannerEffectOptions page to wp-admin/options-general.php...

CVE-2015-1384

The CVE-2015-1384 case covers a Cross-Site Scripting (XSS) flaw in the WordPress Banner Effect Header plugin (v1.2.7 and earlier). The issue stems from insufficient filtering of input to the banner_effect_divid parameter on the BannerEffectOptions page (wp-admin/options-general.php), enabling an ...

CVE-2015-1384

Cross-site scripting XSS vulnerability in the Banner Effect Header plugin before 1.2.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the bannereffectdivid parameter in the BannerEffectOptions page to wp-admin/options-general.php...

Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384

Information ------------ Advisory by Netsparker. Name: XSS Vulnerability in Banner Effect Header Affected Software : Banner Effect Header Affected Versions: 1.2.7 and possibly below Vendor Homepage : https://wordpress.org/plugins/banner-effect-header/ Vulnerability Type : Cross-site Scripting...

WordPress Banner Effect Header Plugin <= 1.2.7 - XSS

This vulnerability allows an attacker to inject arbitrary web script or HTML via the "bannereffectdivid" parameter. Solution Update the plugin...

Banner Effect Header 1.2.6 - XSS & CSRF

The Banner Effect Header WordPress plugin was affected by a XSS & CSRF security vulnerability...

CVE-2015-0920

Cross-site request forgery CSRF vulnerability in the Banner Effect Header plugin 1.2.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the bannereffectemail parameter in the BannerEffectOptions pag...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Banner Effect Header plugin 1.2.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the bannereffectemail parameter in the BannerEffectOptions pag...

CVE-2015-0920

Cross-site request forgery CSRF vulnerability in the Banner Effect Header plugin 1.2.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the bannereffectemail parameter in the BannerEffectOptions pag...

CVE-2015-0920

CVE-2015-0920 affects the Banner Effect Header WordPress plugin (version 1.2.6). A CSRF vulnerability allows remote attackers to hijack administrator authentication to trigger XSS via the banner_effect_email parameter on the BannerEffectOptions page (wp-admin/options-general.php). The issue is ex...

WordPress plugin Banner Effect Header 'options-general.php' cross-site scripting vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Banner Effect Header 'options-general.php' as it fails to...

WordPress Banner Effect Header 1.2.6 XSS / CSRF

|||||||||||||||||||||||||||||||||||||||||||||||||| |-------------------------------------------------------------------------| | Exploit Title: Wordpress Banner Effect Header 1.2.6 Plugin XSS, CSRF Vulnerability | | Date : Date: 2015-01-02 | | Exploit Author: Ashiyane Digital Security Team | |...