Lucene search
K

8 matches found

seebug.org
seebug.org
added 2015/09/21 12:0 a.m.23 views

WordPress Landing Pages 1.8.4 Cross Site Scripting ( CVE-2015-4065 )

插件: https://downloads.wordpress.org/plugin/landing-pages.1.8.4.zip 漏洞文件位置在 shared/shortcodes/inbound-shortcodes.php Line 761 preview.php?sc=&post=' width="285" scrollbar='true' frameborder="0" id="inbound-shortcodes-preview" 从上述文件可以看到 GET 方式传过来的参数 post 直接输出到 html 中造成了XSS 触发 url 如下...

3.5CVSS6.5AI score0.03947EPSS
Exploits6
NVD
NVD
added 2015/05/27 6:59 p.m.19 views

CVE-2015-4065

Cross-site scripting XSS vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php...

3.5CVSS5.3AI score0.03947EPSS
Exploits6References4
CVE
CVE
added 2015/05/27 6:0 p.m.55 views

CVE-2015-4065

Summary (CVE-2015-4065) : The WordPress Landing Pages plugin (versions before 1.8.5) contains an XSS vulnerability in shared/shortcodes/inbound-shortcodes.php. An authenticated remote user can inject arbitrary script/HTML via the post parameter passed to wp-admin/post-new.php, caused by echoing u...

3.5CVSS5.3AI score0.03947EPSS
Exploits6References4Affected Software1
Cvelist
Cvelist
added 2015/05/27 6:0 p.m.29 views

CVE-2015-4065

Cross-site scripting XSS vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php...

5.3AI score0.03947EPSS
Exploits6References4
exploitpack
exploitpack
added 2015/05/26 12:0 a.m.21 views

WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities

WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities Title: Multiple vulnerabilities in WordPress plugin "WordPress Landing Pages" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/landing-pages/ Active installs: 20,000+...

6.5CVSS0.2AI score0.03947EPSS
Exploits7
0day.today
0day.today
added 2015/05/26 12:0 a.m.54 views

WordPress Landing Pages 1.8.4 Cross Site Scripting / SQL Injection Vulnerabilities

WordPress Landing Pages plugin version 1.8.4 suffers from cross site scripting and remote SQL injection vulnerabilities. Title: Multiple vulnerabilities in WordPress plugin "WordPress Landing Pages" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage:...

6.5CVSS0.3AI score0.03947EPSS
Exploits7
Exploit DB
Exploit DB
added 2015/05/26 12:0 a.m.36 views

WordPress Plugin Landing Pages 1.8.4 - Multiple Vulnerabilities

Title: Multiple vulnerabilities in WordPress plugin "WordPress Landing Pages" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/landing-pages/ Active installs: 20,000+ Vulnerable version: 1.8.4 Fixed version: 1.8.5 CVE: CVE-2015-4064,...

6.5CVSS6.4AI score0.03947EPSS
Exploits7
Packet Storm
Packet Storm
added 2015/05/25 12:0 a.m.35 views

WordPress Landing Pages 1.8.4 Cross Site Scripting / SQL Injection

Title: Multiple vulnerabilities in WordPress plugin "WordPress Landing Pages" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/landing-pages/ Active installs: 20,000+ Vulnerable version: 1.8.4 Fixed version: 1.8.5 CVE: CVE-2015-4064,...

6.5CVSS0.6AI score0.03947EPSS
Exploits7
Rows per page
Query Builder