Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass

Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code via the sgcgoogleanalytic parameter that runs on all pages served by WordPress. The saveGoogleCode function in smartgooglecode.php does not check if the...

security-research

Security Research This project hosts security advisories and...

security-research

Security Research This project hosts security advisories and...

security-research

Security Research This project hosts security advisories and...

security-research

Security Research This project hosts security advisories and...

[SECURITY] Fedora 40 Update: abseil-cpp-20240116.3-1.fc40

Abseil is an open-source collection of C++ library code designed to augment the C++ standard library. The Abseil library code is collected from Google's own C++ code base, has been extensively tested and used in production, and is the same code we depend on in our daily coding lives. In some case...

[SECURITY] Fedora 41 Update: abseil-cpp-20240722.1-1.fc41

Abseil is an open-source collection of C++ library code designed to augment the C++ standard library. The Abseil library code is collected from Google's own C++ code base, has been extensively tested and used in production, and is the same code we depend on in our daily coding lives. In some case...

security-research

Security Research This project hosts security advisories and...

[SECURITY] Fedora 40 Update: abseil-cpp-20240116.2-1.fc40

Abseil is an open-source collection of C++ library code designed to augment the C++ standard library. The Abseil library code is collected from Google's own C++ code base, has been extensively tested and used in production, and is the same code we depend on in our daily coding lives. In some case...

security-research

Security Research This project hosts security advisories and...

Oturia Smart Google Code Inserter Plugin for WordPress < 3.5 Multiple Vulnerabilities

The WordPress Oturia Smart Google Code Inserter Plugin installed on the remote host is affected by multiple vulnerabilities :\n\n - An Authentication Bypass which allows unauthenticated attackers to insert arbitrary JavaScript or HTML code via the sgcgoogleanalytic parameter.\n - An SQL Injection...

WordPress Smart Google Code Inserter plugin <= 3.4 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Unauthenticated Cross-Site Scripting XSS vulnerability found by Benjamin Lim in WordPress Smart Google Code Inserter plugin versions = 3.4. Solution Update the WordPress Smart Google Code Inserter plugin to the latest available version at least 3.5...

WordPress Oturia Smart Google Code Inserter plugin authentication bypass vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Oturia Smart Google Code Inserter plugin is used in one of the meta-tagging validation to add plug-ins. An...

WordPress Oturia Smart Google Code Inserter Plugin SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Oturia Smart Google Code Inserter plugin is used in one of the meta-tagging validation to add plug-ins. A SQL...

WordPress Smart Google Code Inserter plugin <=3.4 - Authorization bypass vulnerability

Authorization bypass vulnerability found by Benjamin Lim in WordPress Smart Google Code Inserter plugin versions =3.4. Solution Update the WordPress Smart Google Code Inserter plugin to the latest available version at least version 3.5...

WordPress Plugin Smart Google Code Inserter 3.5 - Authentication Bypass SQL Injection

WordPress Plugin Smart Google Code Inserter 3.5 - Authentication Bypass SQL Injection Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/...

WordPress Smart Google Code Inserter plugin <=3.4 - SQL injection (SQLi) vulnerability

SQL injection SQLi vulnerability found by Benjamin Lim in WordPress Smart Google Code Inserter plugin versions =3.4. Plugin function saveGoogleAdWords function in smartgooglecode.php file passes unsanitized $POST"oId" input into the SQL query. Solution Update the WordPress Smart Google Code...

WordPress Smart Google Code Inserter SQL Injection

Exploit Title: Smart Google Code Inserter 3.5 - Auth Bypass/SQLi Google Dork: inurl:wp-content/plugins/smart-google-code-inserter/ Date: 26-Nov-17 Exploit Author: Benjamin Lim Vendor Homepage: http://oturia.com/ Software Link: https://wordpress.org/plugins/smart-google-code-inserter/ Version: 3.4...

WordPress Smart Google Code Inserter Plugin < 3.5 Multiple Vulnerabilities

The WordPress plugin Copyright C 2018 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...

CVE-2018-3810

Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code via the sgcgoogleanalytic parameter that runs on all pages served by WordPress. The saveGoogleCode function in...