2 matches found
CVE-2014-8605
The CVE concerns the XCloner Backup and Restore plugin for WordPress (v3.1.1) and Joomla! (v3.5.1), where database backup files are stored under the web root with predictable names due to insufficient access control. This allows remote attackers to obtain sensitive information by directly request...
Xloner v3.1.2 wordpress plugin authenticated command execution and XSS
This advisory is in addition to the one I filed in November http://www.openwall.com/lists/oss-security/2014/11/06/1 that had the following CVEs assigned CVE-2014-8603 CVE-2014-8604 CVE-2014-8605 CVE-2014-8606 CVE-2014-8607, advisory http://www.vapid.dhs.org/advisory.php?v=110. Title: Xloner v3.1....