6 matches found
CVE-2014-9734
Directory traversal vulnerability in the Slider Revolution revslider plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php...
Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted to exploit old cross-site scripting XSS vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials. The attacks were...
WordPress Elegant Themes Divi Theme Directory Traversal Nmap NSE Script
local http = require "http" local shortport = require "shortport" local stdnse = require "stdnse" local string = require "string" local vulns = require "vulns" local nmap = require "nmap" description = Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote...
CVE-2014-9734
Directory traversal vulnerability in the Slider Revolution revslider plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php...
Directory traversal
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the img parameter in a revslidershowimage action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734...
WordPress Slider Revolution Plugin Local File Inclusion (CVE-2014-9734; CVE-2015-1579)
An information disclosure vulnerability has been reported in WordPress Slider Revolution Plugin. Successful exploitation of this vulnerability could allow a remote attacker to download local files, and may lead to disclosure of database credentials...