16 matches found
EUVD-2013-4145
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the HMS Testimonials plugin before 2.0.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 image, 3 url, or 4 testimonial parameter to the Testimonial form hms-testimonials-addnew page; 5 dateformat...
CVE-2013-4241
Multiple cross-site scripting XSS vulnerabilities in the HMS Testimonials plugin before 2.0.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 image, 3 url, or 4 testimonial parameter to the Testimonial form hms-testimonials-addnew page; 5 dateformat...
CVE-2013-4241
CVE-2013-4241 (HMS Testimonials plugin for WordPress) : The NVD and related records describe multiple XSS vulnerabilities in the HMS Testimonials plugin for WordPress, fixed in versions before 2.0.11. The affected vectors include the Testimonial form fields (name, image, url, testimonial) and sev...
HMS Testimonials 2.0.10 - XSS
The HMS Testimonials WordPress plugin was affected by a XSS security vulnerability...
HMS Testimonials 2.0.10 - CSRF
The HMS Testimonials WordPress plugin was affected by a CSRF security vulnerability...
Wordpress HMS Testimonials Plugin 2.0.10 - Multiple Vulnerabilities
No description provided by source. Update ======================== Fixed wrong dates. Details ======================== Application: HMS Testimonials http://wordpress.org/plugins/hms-testimonials/ Version: 2.0.10 Type: Wordpress Plugin Vendor: Jeff Kreitner http://profiles.wordpress.org/kreitje/...
CVE-2013-4240
Multiple cross-site request forgery CSRF vulnerabilities in the HMS Testimonials plugin before 2.0.11 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 add new testimonials via the hms-testimonials-addnew page, 2 add new groups via the...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the HMS Testimonials plugin before 2.0.11 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 add new testimonials via the hms-testimonials-addnew page, 2 add new groups via the...
CVE-2013-4240
The CVE-2013-4240 entry concerns the WordPress HMS Testimonials plugin, affected in versions before 2.0.11. The vulnerability set consists of multiple CSRF flaws that allow an attacker to hijack an administrator’s authenticated session and perform actions such as adding testimonials, adding group...
[RCA-201308-01] HMS Testimonials 2.0.10 WP plugin - Multiple vulnerabilities
Details ======================== Application: HMS Testimonials http://wordpress.org/plugins/hms-testimonials/ Version: 2.0.10 Type: Wordpress Plugin Vendor: Jeff Kreitner http://profiles.wordpress.org/kreitje/ Vulnerability: - Cross-Site Request Forgery CWE-352 - Cross-Site Scripting CWE-79...
WordPress Plugin Hms Testimonials 2.0.10 - Multiple Vulnerabilities
Update ======================== Fixed wrong dates. Details ======================== Application: HMS Testimonials http://wordpress.org/plugins/hms-testimonials/ Version: 2.0.10 Type: Wordpress Plugin Vendor: Jeff Kreitner http://profiles.wordpress.org/kreitje/ Vulnerability: - Cross-Site Request...
WordPress Plugin Hms Testimonials 2.0.10 - Multiple Vulnerabilities
WordPress Plugin Hms Testimonials 2.0.10 - Multiple Vulnerabilities Update ======================== Fixed wrong dates. Details ======================== Application: HMS Testimonials http://wordpress.org/plugins/hms-testimonials/ Version: 2.0.10 Type: Wordpress Plugin Vendor: Jeff Kreitner...
WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities
Hms Testimonials plugin is prone to multiple vulnerabilities, such as cross-site scripting and cross-site request forgery vulnerabilities. Solution Update the plugin...
WordPress HMS Testimonials 2.0.10 XSS / CSRF
Update ======================== Fixed wrong dates. Details ======================== Application: HMS Testimonials http://wordpress.org/plugins/hms-testimonials/ Version: 2.0.10 Type: Wordpress Plugin Vendor: Jeff Kreitner http://profiles.wordpress.org/kreitje/ Vulnerability: - Cross-Site Request...
WordPress HMS Testimonials 2.0.10 XSS / CSRF Vulnerabilities
WordPress HMS Testimonials plugin version 2.0.10 suffers from cross site request forgery and cross site scripting vulnerabilities. Update ======================== Fixed wrong dates. Details ======================== Application: HMS Testimonials http://wordpress.org/plugins/hms-testimonials/...