EUVD-2016-1859

Malware in sbrugna...

WordPress Lightbox Plus Colorbox Plugin Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.Lightbox Plus Colorbox plugin is an image magnification viewing plugin used in it. A cross-site request forgery vulnerabilit...

CVE-2016-10865

The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery CSRF via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS...

CVE-2016-10865

The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery CSRF via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS...

Cross site request forgery (csrf)

The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery CSRF via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS...

CVE-2016-10865

The CVE-2016-10865 issue affects the WordPress plugin Lightbox Plus Colorbox up to version 2.7.2 . The vulnerability is a CSRF fault on the admin page (wp-admin/admin.php?page=lightboxplus) that can lead to a resulting XSS vector. Root cause: inadequate CSRF protection on that admin entry point. ...

Lightbox Plus <= 2.7.2 - CSRF to XSS

The lightbox-plus WordPress plugin was affected by a CSRF to XSS security vulnerability...

WordPress 3.5.1 Lightbox Plus RCE

Remote Code Execution in the Wordpress core using maybeunserialize and the simplehtmldomnode class Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...