8 matches found
Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
Attackers were spotted targeting over one million WordPress websites in a campaign over the weekend. The campaign unsuccessfully attempted to exploit old cross-site scripting XSS vulnerabilities in WordPress plugins and themes, with the goal of harvesting database credentials. The attacks were...
VulnCheck KEV: CVE-2019-9618
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter...
Gracemedia Media Player Local File Inclusion (CVE-2019-9618)
A vulnerability exists in gracemedia media player project gracemedia media player. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
CVE-2019-9618
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter...
CVE-2019-9618
The CVE-2019-9618 issue affects WordPress GraceMedia Media Player 1.0. The vulnerability is a Local File Inclusion in the plugin’s templates/files/ajax_controller.php, caused by unsanitized use of the cfg parameter (require_once($_GET['cfg']);). This allows an attacker to include arbitrary local ...
WordPress GraceMedia Media Player 1.0 Plugin - Local File Inclusion Vulnerability
Exploit for php platform in category web applications WordPress GraceMedia Media Player 1.0 Plugin - Local File Inclusion ============================================= MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel García...
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion ============================================= MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel García Cárdenas - Severity: 7/10 CVSS Base Score - CVE-ID:...
WordPress GraceMedia Media Player 1.0 Local File Inclusion
============================================= MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel GarcAa CA!rdenas - Severity: 7/10 CVSS Base Score - CVE-ID: CVE-2019-9618 ============================================= I. VULNERABILI...