5 matches found
CVE-2015-2807
The CVE-2015-2807 issue affects the WordPress Navis DocumentCloud plugin, specifically versions before 0.1.1. The vulnerability resides in the js/window.php file where the wpbase parameter is used, enabling a reflected cross-site scripting (XSS) attack. An attacker can inject arbitrary script/HTM...
WordPress sourceAFRICA 0.1.3 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title : Wordpress sourceAFRICA Plugin Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vendor Homepage : https://wordpress.org/plugins/sourceafrica/ Date: 2015-08-29 Tested On : Elementary Os - Firefox Software Link...
WordPress sourceAFRICA 0.1.3 Cross Site Scripting
Exploit Title : Wordpress sourceAFRICA Plugin Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vendor Homepage : https://wordpress.org/plugins/sourceafrica/ Date: 2015-08-29 Tested On : Elementary Os - Firefox Software Link :...
WordPress Navis DocumentCloud Plugin <= 0.1.0 - XSS
This vulnerability is in js/window.php. It allows an attacker to inject arbitrary web script or HTML via the "wpbase" parameter. Solution Update the plugin...
WordPress Wikipop Plugin <= 2.0 - XSS
Because of this vulnerability in js/window.php, the attackers can inject arbitrary web script or HTML via the "s" parameter. Solution Update the plugin...