17 matches found
CVE-2024-9934
The Wp-ImageZoom WordPress plugin through 1.1.0 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-9934 Wp-ImageZoom <= 1.1.0 - Reflected XSS
The Wp-ImageZoom WordPress plugin through 1.1.0 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-9934
Summary: CVE-2024-9934 affects the WordPress plugin Wp-ImageZoom ≤ 1.1.0. The issue is a Reflected Cross-Site Scripting caused by not sanitising/escaping certain parameters before echoing them in a page, potentially exploitable against high-privilege users (e.g., admin). Root cause: insufficient ...
CVE-2024-9934 Wp-ImageZoom <= 1.1.0 - Reflected XSS
The Wp-ImageZoom WordPress plugin through 1.1.0 does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Wp-ImageZoom Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software: Wp-ImageZoom | Type: Plugin | Vulnerable versions: <= 1.1.0 | Fixed in: N/A | OWASP Top 10: A7: Cross-Site Scripting (XSS) | Classification: Cross Site Scripting (XSS) | CVE: CVE-2024-9934 | Patch priority: Medium | CVSS severity: Medium (7.1) | PSID: 48857c949d4e | Credits: Mohammad Nikouei | Requir...
PT-2024-39949 · WordPress · Wp Image Zoom
Name of the Vulnerable Software and Affected Versions: Wp-ImageZoom WordPress plugin versions prior to 1.1.1 Description: The Wp-ImageZoom WordPress plugin does not sanitise and escape some parameters before outputting them back in a page, leading to a Reflected Cross-Site Scripting issue. This...
WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities
Exploit Title: wp-imagezoom Remote Image Upload Google Dork: filetype:php inurl:"/wp-content/plugins/wp-imagezoom" & inurl:"?id=" Date: 06.06.2015 Exploit Author: T3N38R15 Software Link:...
WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities
Exploit Title: wp-imagezoom Remote Image Upload Google Dork: filetype:php inurl:"/wp-content/plugins/wp-imagezoom" & inurl:"?id=" Date: 06.06.2015 Exploit Author: T3N38R15 Software Link: https://downloads.wordpress.org/plugin/wp-imagezoom.1.1.0.zip Version: 1.1.0 Tested on: Windows Firefox Linux...
Wp-ImageZoom - zoom.php id Parameter SQL Injection
The Wp-ImageZoom WordPress plugin was affected by a zoom.php id Parameter SQL Injection security vulnerability...
WordPress Theme Wp-ImageZoom - id SQL Injection
source: https://www.securityfocus.com/bid/56691/info The Wp-ImageZoom theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploi...
WordPress Theme Wp-ImageZoom - 'id' SQL Injection
source: https://www.securityfocus.com/bid/56691/info The Wp-ImageZoom theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, acce...
WordPress Wp-ImageZoom 1.0.3 File Disclosure
Wp-ImageZoom <= 1.0.4 - File Disclosure
The Wp-ImageZoom WordPress plugin was affected by a File Disclosure security vulnerability...
WordPress Plugin Wp-ImageZoom - 'file' Remote File Disclosure
source: https://www.securityfocus.com/bid/54058/info Wp-ImageZoom for WordPress is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view local files in the context of the web server process,...
WordPress Plugin Wp-ImageZoom - file Remote File Disclosure
source: https://www.securityfocus.com/bid/54058/info Wp-ImageZoom for WordPress is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to...
Wordpress Plugins - Wp-ImageZoom Remote File Disclosure Vulnerability
Exploit for php platform in category web applications
Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability
No description provided by source. Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability Created By 1nd0n3s14n l4m3r c -- 14/12/2oo9 No Sanitize Variable $SERVER"DOCUMENTROOT" automne/imagezoom.php?DOCUMENTROOT=Shell automne/isalive.php?DOCUMENTROOT=Shell automne/admin/backtrace.php?DOCUMENTROOT=She...