9 matches found
EUVD-2007-4088
Malware in sbrugna...
WordPress WP-FeedStats 2.1 HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25085/info The WP-FeedStats plugin for WordPress is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML...
WordPress WP-FeedStats HTML注入漏洞
WordPress是一款基于WEB的网络日记程序。 WordPress不正确过滤用户提的输入,远程攻击者可以利用漏洞进行HTML注入攻击,获得敏感信息。 问题是'WP-FeedStats'脚本对用户提交的WEB参数缺少过滤,提交恶意脚本代码作为参数数据,并诱使用户访问,可获得目标用户敏感信息。 WP-FeedStats 2.1 目前没有解决方案提供: http://bueltge.de/wp-feedstats-de-plugin/171/ http://www.example.com/wp1/?feed=rss2&scriptalert1/script...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the WP-FeedStats before 2.4 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, one of which involves an rss2 feed with an invalid or missing blog with an XSS sequence in the query string...
CVE-2007-4104
Multiple cross-site scripting XSS vulnerabilities in the WP-FeedStats before 2.4 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, one of which involves an rss2 feed with an invalid or missing blog with an XSS sequence in the query string...
CVE-2007-4104
Multiple cross-site scripting XSS vulnerabilities in the WP-FeedStats before 2.4 plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, one of which involves an rss2 feed with an invalid or missing blog with an XSS sequence in the query string...
CVE-2007-4104
WP-FeedStats WordPress plugin (before 2.4) contains multiple XSS vulnerabilities. Attackers can inject arbitrary web script or HTML via unspecified vectors, including an rss2 feed with an invalid or missing blog in the query string. Affects WP-FeedStats up to version 2.3; base CVSS from NVD is 4....
[Full-disclosure] WordPress wp-feedstats persistent XSS
A persistent XSS vulnerability was found in wp-feedstats 2.4 by David Kierznowski http://gnucitizen.org/about/dk of GNUCITIZEN. Details: http://blogsecurity.net/wordpress/news-260707/...
WordPress Plugin WP-FeedStats 2.1 - HTML Injection
source: https://www.securityfocus.com/bid/25085/info The WP-FeedStats plugin for WordPress is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML and script code in the context of...