WordPress Ultimate Membership Pro 3.3 Plugin - SQL Injection

Exploit for php platform in category web applications Vendor Homepage: http://wpindeed.com/ Software Link: http://codecanyon.net/item/ultimate-membership-pro-wordpress-plugin/12159253 Version: 3.3 Tested on: Debian 8, PHP 5.6.17-3 Type: Unauthenticated Blind SQLi, Unauthenticated Payment Bypass...

WordPress Theme Newspaper 6.7.1 - Privilege Escalation

Vendor Homepage: http://tagdiv.com/newspaper/ Software Link: http://themeforest.net/item/newspaper/5489609 Version: 6.7.1 Tested on: Debian 8, PHP 5.6.17-3 Type: WP Options Overwrite, Possible more Time line: Found 23-APR-2016, Vendor notified 23-APR-2016, Vendor fixed: 27-APR-2016, RD:1 /...

WordPress WP PRO Advertising System 4.6.18 Plugin - SQL Injection

Exploit for php platform in category web applications Vendor Homepage: http://wordpress-advertising.com/ Software Link: http://codecanyon.net/item/wp-pro-advertising-system-all-in-one-ad-manager/269693 Version: 4.6.18 Tested on: Debian 8, PHP 5.6.17-3 Type: SQLi, Unserialize, File Delete. Time...

WordPress Newspaper 6.7.1 Theme - Privilege Escalation

Exploit for php platform in category web applications Vendor Homepage: http://tagdiv.com/newspaper/ Software Link: http://themeforest.net/item/newspaper/5489609 Version: 6.7.1 Tested on: Debian 8, PHP 5.6.17-3 Type: WP Options Overwrite, Possible more Time line: Found 23-APR-2016, Vendor notified...