5 matches found
Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted to exploit old cross-site scripting XSS vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials. The attacks were...
VulnCheck KEV: CVE-2015-5468
Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter to includes/download.php...
CVE-2015-5468
Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter to includes/download.php...
CVE-2015-5468
Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter to includes/download.php...
CVE-2015-5468
The CVE-2015-5468 entry concerns WordPress WP e-Commerce Shop Styling plugin, affected version: before 2.6. The vulnerability is a Directory Traversal in includes/download.php, allowing a remote attacker to read arbitrary files by supplying a .. in the filename parameter. Impact is file disclosur...