W3 Total Cache < 2.1.3 - Authenticated Stored XSS

The plugin did not sanitise or escape some of its CDN settings, allowing high privilege users to use JavaScript in them, which will be output in the page, leading to an authenticated Stored Cross-Site Scripting issue Vulnerable parameters: &cdncnames= 1, cdncnames= 2, cdncnames= 3. CDN Type:...

WAFW00F v1.0.0 - Detect All The Web Application Firewall!

WAFW00F identifies and fingerprints Web Application Firewall WAF products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...