Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 1:45 p.m.13 views

CVE-2014-9734

Directory traversal vulnerability in the Slider Revolution revslider plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php...

5CVSS7AI score0.20631EPSS
Exploits2References1
ThreatPost
ThreatPost
added 2020/06/03 8:37 p.m.70 views

Attackers Target 1M+ WordPress Sites To Harvest Database Credentials

Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted to exploit old cross-site scripting XSS vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials. The attacks were...

7.5CVSS0.9AI score0.55008EPSS
Exploits10References10
Packet Storm
Packet Storm
added 2017/04/07 12:0 a.m.88 views

WordPress Elegant Themes Divi Theme Directory Traversal Nmap NSE Script

local http = require "http" local shortport = require "shortport" local stdnse = require "stdnse" local string = require "string" local vulns = require "vulns" local nmap = require "nmap" description = Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote...

5CVSS0.4AI score0.22055EPSS
Exploits6
Cvelist
Cvelist
added 2015/06/30 2:0 p.m.34 views

CVE-2014-9734

Directory traversal vulnerability in the Slider Revolution revslider plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php...

9.2AI score0.20631EPSS
Exploits2References7
Prion
Prion
added 2015/02/11 7:59 p.m.21 views

Directory traversal

Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734...

5CVSS6.7AI score0.22055EPSS
Exploits6References2
Check Point Advisories
Check Point Advisories
added 2014/12/17 12:0 a.m.13 views

WordPress Slider Revolution Plugin Local File Inclusion (CVE-2014-9734; CVE-2015-1579)

An information disclosure vulnerability has been reported in WordPress Slider Revolution Plugin. Successful exploitation of this vulnerability could allow a remote attacker to download local files, and may lead to disclosure of database credentials...

5CVSS2.4AI score0.22055EPSS
Exploits6
Rows per page
Query Builder