WordPress PeachPay — Payments & Express Checkout for WooCommerce (supports Stripe, PayPal, Square, Authorize.net, NMI) plugin <= 1.120.46 - Cross-Site Request Forgery to Stripe Unlink vulnerability

Cross-Site Request Forgery to Stripe Unlink vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin PeachPay Payments versions = 1.120.46...

WordPress SVS Pricing Tables plugin <= 1.0.4 - Cross-Site Request Forgery to Pricing Table Deletion vulnerability

Cross-Site Request Forgery to Pricing Table Deletion vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin SVS Pricing Tables versions = 1.0.4...

WordPress WP To Do plugin <= 1.3.0 - Cross-Site Request Forgery via wptodo_settings vulnerability

Cross-Site Request Forgery via wptodosettings vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin WP To Do versions = 1.3.0...

WordPress Pricing Table plugin <= 2.0.1 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Pricing Table versions = 2.0.1...

WordPress Snippet Shortcodes plugin <= 4.1.4 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Snippet Shortcodes versions = 4.1.4...

WordPress Attire Blocks plugin <= 1.9.2 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Attire Blocks versions = 1.9.2...

WordPress Fluid Notification Bar plugin <= 3.2.3 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Fluid Notification Bar versions = 3.2.3...

WordPress WP To Do plugin <= 1.3.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Settings vulnerability

Authenticated Admin+ Stored Cross-Site Scripting via Settings vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin WP To Do versions = 1.3.0...

WordPress ADFO plugin <= 1.9.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin ADFO versions = 1.9.0...

WordPress hostel plugin <= 1.1.5.3 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Hostel versions = 1.1.5.3...

WordPress Mhr Post Ticker plugin <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Benedictus Jovan in WordPress Plugin Mhr Post Ticker versions = 1.1...

WordPress SVS Pricing Tables plugin <= 1.0.4 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Benedictus Jovan in WordPress Plugin SVS Pricing Tables versions = 1.0.4...

WordPress CM Tooltip Glossary plugin <= 4.2.11 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Benedictus Jovan in WordPress Plugin CM Tooltip Glossary versions = 4.2.11...

WordPress Pocket News Generator plugin <= 0.2.0 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Benedictus Jovan in WordPress Plugin Pocket News Generator versions = 0.2.0...

WordPress News Wall plugin <= 1.1.0 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by Benedictus Jovan in WordPress Plugin News Wall versions = 1.1.0...

WordPress Pocket News Generator plugin <= 0.2.0 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Benedictus Jovan in WordPress Plugin Pocket News Generator versions = 0.2.0...

DDoS-for-Hire Service Webstresser Dismantled

Authorities in the U.S., U.K. and the Netherlands on Tuesday took down popular online attack-for-hire service WebStresser.org and arrested its alleged administrators. Investigators say that prior to the takedown, the service had more than 136,000 registered users and was responsible for launching...

Joomla JS Jobs 1.0.5.6 SQL Injection

Joomla Component comjsjobs Multiple SQL injection vulnerability Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : December 9, 2009 Software Information + Vendor : http://www.joomshark.com/ + Download :...

Joomla Facebook SQL Injection

Joomla Component comfacebook SQL injection vulnerability - id Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : September 22, 2009 //////\ ///////\ //////\ //////\ //////\ -=- KILL-9 CREW -=- INDONESIANCODER -=- Software Information +...

Joomla com_surveymanager (stype) SQL Injection Vulnerability

No description provided by source. Joomla comsurveymanager SQL injection vulnerability - stype Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : September 19, 2009 //////\ ///////\ //////\ //////\ //////\ -=- KILL-9 CREW -=-...