PT-2025-3759 · WordPress · Dwt - Directory & Listing Wordpress Theme

Name of the Vulnerable Software and Affected Versions: DWT - Directory & Listing WordPress Theme versions up to, and including, 3.3.3 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping on the sort by and token parameters...

WordPress DWT - Directory & Listing theme <= 3.3.3 - Reflected Cross-Site Scripting vulnerability

WordPress DWT - Directory & Listing theme = 3.3.3 - Reflected Cross-Site Scripting vulnerability discovered by István Márton in WordPress Theme DWT - Directory & Listing versions = 3.3.3...

CityBook < 2.4.4 - Unauthenticated Reflected XSS

Unauthenticated Reflected XSS vulnerability was discovered in the «CityBook - Directory & Listing WordPress Theme», tested version — v2.4.3. Edit WPScanTeam June 17th, 2020 - Confirmed & Escalated to Envato June 18th, 2020 - v2.4.4 released, fixing the issue PoC...

Craigs CMS 1.0.2 SQL Injection

Exploit Title: Craigs CMS 1.0.2 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://themerig.com/ Software Link: https://codecanyon.net/item/craigs-cms-directory-listing-theme/22431565 Version: 1.0.2 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CV...

Craigs Classified Ads CMS Theme 1.0.2 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Craigs CMS 1.0.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://themerig.com/ Software Link: https://codecanyon.net/item/craigs-cms-directory-listing-theme/22431565 Version: 1.0.2 Category: Webapps Tested...