Lucene search
K

78 matches found

CVE
CVE
added 2024/12/02 1:48 p.m.49 views

CVE-2024-53723

CVE-2024-53723 refers to a Cross-Site Request Forgery (CSRF) that enables Stored XSS in the WordPress plugin Google Plus Share and +1 Button . The advisory states the issue affects versions from n/a through 1.0. The provided documents do not specify a vendor patch, mitigation, or exploit details....

7.1CVSS7.2AI score0.00166EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/02 12:0 a.m.3 views

WordPress plugin Google Plus Share and +1 Button 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS8.1AI score0.00166EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/02 12:0 a.m.5 views

PT-2024-35831 · Unknown · Google Plus Share/+1 Button

Name of the Vulnerable Software and Affected Versions: A.Cihangir BALTACI Google Plus Share and +1 Button versions n/a through 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS in the Google Plus Share and +1 Button. This means an attacker can...

7.1CVSS9.2AI score0.00166EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/22 12:0 a.m.6 views

WordPress Google Plus Share and +1 Button Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Google Plus Share and +1 Button Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53723 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 1172091fa78a Credits SOPROBR...

7AI score0.00166EPSS
Exploits0References1Affected Software1
Malwarebytes
Malwarebytes
added 2018/12/17 5:58 p.m.56 views

A week in security (December 10 – 16)

Last week on Labs, we took a look at some new Mac malware, a collection of various scraped data dumps, the protection of power grids, and how bad actors are using SMB vulnerabilities. Other cybersecurity news Millions affected by Facebook photo API bug: An issue granted third-party apps more acce...

0.1AI score
Exploits0
HackRead
HackRead
added 2018/12/10 9:44 p.m.34 views

Google Plus hit by another breach – Data of 52.5M users exposed

By Waqas Google Plus has been hit by yet another bug forcing the company to shut down the social media site earlier than previously anticipated. In October this year, Google revealed that a bug was present in the API for the consumer version of Google Plus Google+ that allowed third-party...

1.6AI score
Exploits0
The Hacker News
The Hacker News
added 2018/12/10 9:2 p.m.1 views

Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users

Google today revealed that Google+ has suffered another massive data breach, forcing the tech giant to shut down its struggling social network four months earlier than its actual scheduled date, i.e., in April 2019 instead of August 2019. Google said it discovered another critical security...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2018/10/08 7:12 p.m.3 views

Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users' Data

Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers. According to the tech giant, a security vulnerability in one of Google+'s People AP...

6.4AI score
Exploits0
Kitploit
Kitploit
added 2018/09/18 9:3 p.m.164 views

Leaked? 2.0 - A Checking Tool For Hash Codes, Passwords And Emails Leaked

Leaked? is A Checking tool for Hash codes and Passwords and Emails leaked, uses leakz module from Aidan Holland, and leakz module uses API from Aurelius Wendelken. Leaked? can work in any OS if they have support Python 3 and 2. What's new? Check email leaked Update More friendly for users Support...

7.5AI score
Exploits0References1
n0where
n0where
added 2018/08/29 3:43 a.m.34 views

The Offensive Web Application Penetration Testing Framework: TIDoS

TIDoS Framework is a comprehensive web-app audit framework. TIDoS is made to be comprehensive and versatile. It is a highly flexible framework where you just have to select and use modules. But before that, you need to set your own API KEYS for various OSINT purposes. To do so, open up APIKEYS.py...

0.2AI score
Exploits0References2
wpexploit
wpexploit
added 2018/06/20 12:0 a.m.25 views

Open Graph for Facebook, Google+ and Twitter Card Tags <= 2.2.4 - Authenticated Reflected XSS

There is a reflected XSS vulnerability caused by "Open Graph for Facebook, Google+ and Twitter Card Tags" in the wdfbogerror parameter on a GET request when editing a post. This can be exploited by tricking an authenticated Wordpress administrator into clicking a malicious link. This vulnerabilit...

4.3CVSS0.7AI score0.01085EPSS
Exploits1References2
CNVD
CNVD
added 2018/06/11 12:0 a.m.2 views

WordPress Yakadanda Google+ Hangout Events Plugin Cross-Site Scripting Vulnerability

WordPress is a suite of blogging platforms developed in the PHP language by the WordPress Software Foundation, which supports the hosting of personal blog sites on servers running PHP and MySQL.Yakadanda Google+ Hangout Events is one of the widgets that will generate the associated Google+ Hangou...

6.8AI score
Exploits0References1
Fedora
Fedora
added 2017/03/08 1:59 p.m.19 views

[SECURITY] Fedora 25 Update: drupal7-metatag-1.21-1.fc25

The Metatag module allows you to automatically provide structured metadata, aka "meta tags", about your website. In the context of search engine optimization, when people refer to meta tags they are usually referring to the meta description tag and the meta keywords tag that may help improve the...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2015/07/29 12:0 a.m.32 views

WordPress Google Plus One Button By KMS 1.5.0 CSRF / XSS

Title: WordPress 'Google 'Plus one' Button by kms' Plugin Version: 1.5.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/google-plus-one-button-by-kms/ - https://plugins.svn.wordpress.org/google-plus-one-button-by-kms/ Notified...

0.3AI score
Exploits0
Kitploit
Kitploit
added 2014/01/20 4:45 p.m.14 views

[Social Password Decryptor v4.0] All-in-one Social Network Password Recovery Software

Social Password Decryptor is the FREE software to instantly recover Passwords for popular Social Networks such as Facebook, Twitter, Google Plus etc. It can automatically discover and recover all the social passwords stored by web browsers & messengers including Firefox, Chrome, IE, GTalk and mor...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2011/08/29 9:59 a.m.5 views

DDoS Attack Using Google Plus Servers

A Security expert at Italian security firm AIR Sicurezza Informatica has claimed that Google's servers vulnerability allows a hacker to exploit the search giant's bandwidth to launch a distributed denial-of-service DDoS attack on any targeted server. On the IHTeam Security Blog, the author of the...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/07/19 2:7 p.m.7 views

Slideshow: Ten Tips For Securing Your Google+ Account

Google’s new social network is growing fast, with more than 10 million users in its first week of operation. That’s not too bad for an invite-only Closed Beta release! The new social network is also a hit with users, unlike previous efforts like Orkut and Buzz. As with any social network, however...

1.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2011/07/12 9:12 p.m.17 views

Pseudonyms A Pseudo Controversy With Google+

Mark Twain, Joseph Conrad and Stan Lee need not apply to Google’s hot new social network, Google+. The Web search giant, it seems, isn’t interested in pseudonyms or other phony identities. Its IRL in real life all the time – and that’s a problem, according to a spate of news articles this week. B...

7.2AI score
Exploits0References7
Rows per page
Query Builder