Lucene search
K

86 matches found

WPVulnDB
WPVulnDB
added 2015/09/14 12:0 a.m.7 views

BulletProof Security <= .52.4 - Authenticated Cross-Site Scripting (XSS)

The BulletProof Security WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...

1.8AI score
Exploits0References3Affected Software1
NVD
NVD
added 2014/12/01 3:59 p.m.25 views

CVE-2014-8749

Server-side request forgery SSRF vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to trigger outbound requests that authenticate to arbitrary databases via the dbhost parameter...

5CVSS6.8AI score0.01888EPSS
Exploits2References2
securityvulns
securityvulns
added 2014/12/01 12:0 a.m.66 views

Wordpress bulletproof-security &lt;=.51 multiple vulnerabilities

Vulnerability title: Wordpress bulletproof-security =.51 multiple vulnerabilities Author: Pietro Oliva CVE: CVE-2014-7958, CVE-2014-7959, CVE-2014-8749 Vendor: AITpro Product: bulletproof-security Affected version: bulletproof-security = .51 Vulnerabilities fixed in version: .51.1 Details: xss...

6.5CVSS2.4AI score0.02508EPSS
Exploits4
NVD
NVD
added 2014/11/06 3:55 p.m.30 views

CVE-2014-7958

Cross-site scripting XSS vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dbhost parameter...

4.3CVSS5.7AI score0.02508EPSS
Exploits3References4
NVD
NVD
added 2014/11/06 3:55 p.m.31 views

CVE-2014-7959

SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter...

6.5CVSS7.9AI score0.021EPSS
Exploits3References4
Prion
Prion
added 2014/11/06 3:55 p.m.22 views

Sql injection

SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter...

6.5CVSS8.5AI score0.021EPSS
Exploits3References4Affected Software1
Cvelist
Cvelist
added 2014/11/06 3:0 p.m.49 views

CVE-2014-7959

SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the tableprefix parameter...

7.9AI score0.021EPSS
Exploits3References4
Cvelist
Cvelist
added 2014/11/06 3:0 p.m.39 views

CVE-2014-7958

Cross-site scripting XSS vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dbhost parameter...

5.7AI score0.02508EPSS
Exploits3References4
CVE
CVE
added 2014/11/06 3:0 p.m.62 views

CVE-2014-7958

BulletProof Security (WordPress) plugin

4.3CVSS5.8AI score0.02508EPSS
Exploits3References4Affected Software1
CVE
CVE
added 2014/11/06 3:0 p.m.63 views

CVE-2014-7959

CVE-2014-7959 is a SQL injection vulnerability in the BulletProof Security WordPress plugin prior to version 0.51.1, specifically in admin/htaccess/bpsunlock.php. The flaw allows remote authenticated users to execute arbitrary SQL commands through the tableprefix parameter. The vulnerability is c...

6.5CVSS8.1AI score0.021EPSS
Exploits3References4Affected Software1
0day.today
0day.today
added 2014/11/06 12:0 a.m.100 views

WordPress Bulletproof-Security .51 Multiple Vulnerabilities

WordPress Bulletproof-Security version .51 suffers from SSRF, cross site scripting, and remote SQL injection vulnerabilities. Vulnerability title: Wordpress bulletproof-security =.51 multiple vulnerabilities Author: Pietro Oliva CVE: CVE-2014-7958, CVE-2014-7959, CVE-2014-8749 Vendor: AITpro...

6.5CVSS0.1AI score0.02508EPSS
Exploits4
Packet Storm
Packet Storm
added 2014/11/05 12:0 a.m.61 views

WordPress Bulletproof-Security .51 XSS / SQL Injection / SSRF

Vulnerability title: Wordpress bulletproof-security =.51 multiple vulnerabilities Author: Pietro Oliva CVE: CVE-2014-7958, CVE-2014-7959, CVE-2014-8749 Vendor: AITpro Product: bulletproof-security Affected version: bulletproof-security = .51 Vulnerabilities fixed in version: .51.1 Details: xss...

6.5CVSS0.7AI score0.02508EPSS
Exploits4
Patchstack
Patchstack
added 2014/10/13 12:0 a.m.38 views

WordPress BulletProof Security Plugin <= .51 - SSRF

Because of this server side request forgery vulnerability in admin/htaccess/bpsunlock.php, the attackers can trigger outbound requests that authenticate to arbitrary databases via the "dbhost" parameter. Solution Update the plugin...

5CVSS4.9AI score0.01888EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2014/10/07 12:0 a.m.26 views

WordPress BulletProof Security Plugin <= .51 - SQL Injection

This vulnerability is in admin/htaccess/bpsunlock.php. It allows remote authenticated users to execute arbitrary SQL commands via the "tableprefix" parameter. Solution Update the plugin...

6.5CVSS6.5AI score0.021EPSS
Exploits3References1Affected Software1
Patchstack
Patchstack
added 2014/10/07 12:0 a.m.29 views

WordPress BulletProof Security Plugin <= .51 - XSS

Because of this vulnerability in admin/htaccess/bpsunlock.php, the attackers can inject arbitrary web script or HTML via the "dbhost" parameter. Solution Update the plugin...

4.3CVSS2.6AI score0.02508EPSS
Exploits3References1Affected Software1
Packet Storm
Packet Storm
added 2014/10/03 12:0 a.m.70 views

WordPress BulletProof Security 50.8 Script Insertion

Document Title: =============== BulletProof Security Wordpress v50.8 - POST Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1326 Release Date: ============= 2014-09-30 Vulnerability Laboratory ID VL-ID:...

Exploits0
WPVulnDB
WPVulnDB
added 2014/09/30 12:0 a.m.19 views

BulletProof Security <= .50.8 - Script Insertion

The BulletProof Security WordPress plugin was affected by a Script Insertion security vulnerability...

3.5CVSS1.7AI score0.01576EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2014/03/03 4:55 p.m.16 views

CVE-2013-3487

Multiple cross-site scripting XSS vulnerabilities in the security log in the BulletProof Security plugin before .49 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified HTML header fields to 1 400.php, 2 403.php, or 3 403.php...

4.3CVSS6AI score0.02298EPSS
Exploits0References7
Prion
Prion
added 2014/03/03 4:55 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the security log in the BulletProof Security plugin before .49 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified HTML header fields to 1 400.php, 2 403.php, or 3 403.php...

4.3CVSS6.3AI score0.02298EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2014/03/03 4:0 p.m.42 views

CVE-2013-3487

BulletProof Security WordPress plugin (Security Log): multiple XSS in the security log via HTML header fields to 400.php/403.php in versions before 0.49. Root cause appears to be improper input handling. Remediation: update to a fixed release (0.49 or newer) per PatchStack and related advisories;...

4.3CVSS6.1AI score0.02298EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder