EUVD-2016-1081

Malware in sbrugna...

Wordpress hero-maps-pro plugin cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the Wordpress hero-maps-pro plugin version 2.1.0. An attacker...

CVE-2016-1000137

Reflected XSS in wordpress plugin hero-maps-pro v2.1.0...

Cross site scripting

Reflected XSS in wordpress plugin hero-maps-pro v2.1.0...

CVE-2016-1000137

WordPress Hero Maps Pro plugin version 2.1.0 is affected by a reflected cross-site scripting (XSS) vulnerability. The Nuclei template documents a reflected XSS in Hero Maps Pro 2.1.0, allowing an attacker to execute arbitrary JavaScript in the victim’s browser in the context of the affected site....

CVE-2016-1000137

Reflected XSS in wordpress plugin hero-maps-pro v2.1.0...

Hero Maps Pro <= 2.1.0 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The hero-maps-pro WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability. http://www.example.com/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v="alert1;"...

WordPress Hero Maps Pro plugin <= 2.1.0 - Cross Site-Scripting (XSS) vulnerability

Cross Site-Scripting XSS vulnerability discovered by Larry W. Cashdollar in WordPress Hero Maps Pro plugin versions = 2.1.0. Solution Plugin closed. Deactivate and delete...