Lucene search
K

5 matches found

CVE
CVE
added 2017/09/14 1:0 p.m.66 views

CVE-2017-1002008

CVE-2017-1002008 affects the WordPress plugin membership-simplified-for-oap-members-only v1.58. The vulnerability is in the file download.php, which does not verify that a user is logged in or has download privileges, enabling an attacker to obtain arbitrary files. Public writeups and advisories ...

9.8CVSS9.3AI score0.16927EPSS
Exploits7References4Affected Software1
Akamai Blog
Akamai Blog
added 2017/08/02 11:30 a.m.208 views

Larry's Cabinet of Web Vulnerability Curiosities

One of my responsibilities as a member of the Akamai Security Intelligence Response Team SIRT is to research new web application vulnerabilities. For the last year, I have focused on Wordpress plugin vulnerabilities, and looking for any interesting code tidbits in my box of Wordpress toys. There...

7.5CVSS8.9AI score0.16927EPSS
Exploits13
Packet Storm
Packet Storm
added 2017/03/17 12:0 a.m.37 views

WordPress Membership Simplified 1.58 Arbitrary File Download

import requests import string import random from urlparse import urlparse print "---------------------------------------------------------------------" print "Wordpress Plugin Membership Simplified v1.58 - Arbitrary File Download\nDiscovery: Larry W. Cashdollar\nExploit Author: Munir...

9.6AI score0.16927EPSS
Exploits7
Exploit DB
Exploit DB
added 2017/03/16 12:0 a.m.34 views

WordPress Plugin Membership Simplified 1.58 - Arbitrary File Download

import requests import string import random from urlparse import urlparse print "---------------------------------------------------------------------" print "Wordpress Plugin Membership Simplified v1.58 - Arbitrary File Download\nDiscovery: Larry W. Cashdollar\nExploit Author: Munir...

9.8CVSS9.8AI score0.16927EPSS
Exploits7
exploitpack
exploitpack
added 2017/03/16 12:0 a.m.42 views

Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download

Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download import requests import string import random from urlparse import urlparse print "---------------------------------------------------------------------" print "Wordpress Plugin Membership Simplified v1.58 - Arbitrary File...

7.5CVSS9.6AI score0.16927EPSS
Exploits7
Rows per page
Query Builder