6 matches found
Wordpress Plugin ThreeWP Email Reflector 1.13 - Stored XSS
No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: ThreeWP Email Reflector Version: 1.13 Plugin Site: http://mindreantre.se/ Software Download: http://wordpress.org/extend/plugins/threewp-email-reflector/installation/ Timeline: 29 May 2012:...
wordpress mini mail dashboard widget 1.42 - Stored XSS
No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: Mini Mail Dashboard Widget Version: 1.42 Software Download: http://wordpress.org/extend/plugins/mini-mail-dashboard-widget/ Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012:...
wordpress simplemail plugin 1.0.6 - Stored XSS
No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: SimpleMail Version: 1.0.6 free version Vendor Site: http://codecanyon.net/item/wp-simplemail/1130008?ref=tinsley Software Download: http://wordpress.org/extend/plugins/wp-simplemail/ Timeline...
wordpress postie plugin 1.4.3 - Stored XSS
No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: Postie Version: 1.4.3 Software Download: http://wordpress.org/extend/plugins/postie/ Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012: Response received from CERT with...
WordPress SimpleMail Plugin Email字段脚本插入漏洞
CVE ID: CVE-2012-2579 WordPress是一种使用PHP语言和MySQL数据库开发的Blog(博客、网志引擎,用户可以在支持PHP和MySQL数据库的服务器上建立自己的Blog。 SimpleMail plugin for WordPress 1.0.6及其他版本在实现上存在多个漏洞,通过电子邮件的字段"To"、"From"、"Date"、"Subject"传递的输入没有正确过滤即用于显示电子邮件,可被恶意利用执行脚本插入攻击,查看后会在受影响站点的用户浏览器中执行 0 WordPress SimpleMail Plugin 1.x 厂商补丁: WordPress...
WordPress Plugin simplemail 1.0.6 - Persistent Cross-Site Scripting
!/usr/bin/python ''' Author: loneferret of Offensive Security Product: SimpleMail Version: 1.0.6 free version Vendor Site: http://codecanyon.net/item/wp-simplemail/1130008?ref=tinsley Software Download: http://wordpress.org/extend/plugins/wp-simplemail/ Timeline: 29 May 2012: Vulnerability report...