CVE-2015-9502

The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifier...

Design/Logic Flaw

The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifier...

CVE-2015-9502

The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifier...

Design/Logic Flaw

The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has XSS via the genericons/example.html anchor identifier...

CVE-2015-9494

The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has XSS via the genericons/example.html anchor identifier...

WordPress example.html 跨站脚本漏洞

知道创宇安全研究团队 Evi1m0 ：2015.5.7概要WordPress 被爆 DOM XSS 漏洞，数百万站点受影响，该漏洞存在于 WordPress 流行的 Genericons example.html 页面中，默认主题 Twenty Fifteen 及知名插件 Jetpack 都内置了该页面，经过分析发现原来是 example.html 使用了存在 DOM XSS 漏 洞的 jQuery老版本 。11 年 dmethvin 提交 jQuery 1.6.1 版本的 Ticket 9521 , 其原因是由 $ | jQuery 预期的 CSS 选择器在其他情况下可以用于创建 HT...

Jetpack <= 3.5.2 - Unauthenticated DOM Cross-Site Scripting (XSS)

Genericons = 3.2 vulnerable to DOM XSS in the example.html file due to using outdated version of jQuery and vulnerable code. Vulnerable Code: permalink = "genericon-" + window.location.hash.split''1; cssclass = jQuery '.' + permalink .attr'class'; PoC...

WordPress Genericons Plugin <= 4.2.1 - XSS

This vulnerability is in example.html and allows an attacker to inject arbitrary web script or HTML via a fragment identifier. Solution Update the plugin...

CMS Made Simple 0.10 Lang.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14709/info CMS Made Simple is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may exploit this issue to execute arbitra...