6 matches found
WordPress Photo Gallery 1.3.34 / 1.3.42 Path Traversal
Details ================ Software: Photo Gallery Version: 1.3.34,1.3.42 Homepage: https://wordpress.org/plugins/photo-gallery/ Advisory report: https://security.dxw.com/advisories/path-traversal-in-photo-gallery-may-allow-admins-to-read-most-files-on-the-filesystem/ CVE: Awaiting assignment CVSS:...
Responsive Poll 1.6.4 / 1.7.4 CSRF / Cross Site Scripting
Details ================ Software: Responsive Poll Version: 1.6.4,1.7.4 Homepage: http://codecanyon.net/item/responsive-poll/6785692 Advisory report: https://security.dxw.com/advisories/csrfxss-in-responsive-poll-allows-unauthenticated-attackers-to-do-almost-anything-an-admin-can/ CVE: Awaiting...
WordPress iframe 3.0 Reflective Cross Site Scripting
Details ================ Software: iframe Version: 3.0 Homepage: http://wordpress.org/plugins/iframe/ Advisory report: https://security.dxw.com/advisories/reflected-xss-in-iframe-allows-unauthenticated-users-to-do-almost-anything-an-admin-can/ CVE: Awaiting assignment CVSS: 5.8 Medium;...
WordPress BuddyPress Activity Plus 1.5 CSRF / File Deletion
Details ================ Software: BuddyPress Activity Plus Version: 1.5 Homepage: http://wordpress.org/plugins/buddypress-activity-plus/ Advisory report: https://security.dxw.com/advisories/csrf-and-arbitrary-file-deletion-in-buddypress-activity-plus-1-5/ CVE: Awaiting assignment CVSS: 8.5 High;...
WordPress GD bbPress Attachments 2.1 Local File Inclusion
Details ================ Software: GD bbPress Attachments Version: 2.1 Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/ Advisory report: https://security.dxw.com/advisories/local-file-include-vulnerability-in-gd-bbpress-attachments-allows-attackers-to-include-arbitrary-php-files/ CV...
Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities
Exploit for php platform in category web applications Details ================ Software: Login Widget With Shortcode Version: 3.1.1 Homepage: http://wordpress.org/plugins/login-sidebar-widget/ Advisory report:...