Lucene search
K

5 matches found

ThreatPost
ThreatPost
added 2020/06/03 8:37 p.m.70 views

Attackers Target 1M+ WordPress Sites To Harvest Database Credentials

Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted to exploit old cross-site scripting XSS vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials. The attacks were...

7.5CVSS0.9AI score0.55008EPSS
Exploits10References10
VulnCheck KEV
VulnCheck KEV
added 2020/06/03 12:0 a.m.3 views

VulnCheck KEV: CVE-2015-5468

Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter to includes/download.php...

7.5CVSS7.3AI score0.24093EPSS
Exploits2References1
NVD
NVD
added 2017/05/23 4:29 a.m.15 views

CVE-2015-5468

Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter to includes/download.php...

7.5CVSS7.5AI score0.24093EPSS
Exploits2References4
Cvelist
Cvelist
added 2017/05/23 3:56 a.m.25 views

CVE-2015-5468

Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter to includes/download.php...

7.6AI score0.24093EPSS
Exploits2References4
CVE
CVE
added 2017/05/23 3:56 a.m.65 views

CVE-2015-5468

The CVE-2015-5468 entry concerns WordPress WP e-Commerce Shop Styling plugin, affected version: before 2.6. The vulnerability is a Directory Traversal in includes/download.php, allowing a remote attacker to read arbitrary files by supplying a .. in the filename parameter. Impact is file disclosur...

7.5CVSS7.8AI score0.24093EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder