6 matches found
EUVD-2014-9384
Malware in sbrugna...
CVE-2014-9570
Multiple cross-site scripting XSS vulnerabilities in the MyWebsiteAdvisor Simple Security plugin 1.1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefilter parameter in the accesslog page to wp-admin/users.php or 2 simplesecurityipblacklist...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the MyWebsiteAdvisor Simple Security plugin 1.1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefilter parameter in the accesslog page to wp-admin/users.php or 2 simplesecurityipblacklist...
CVE-2014-9570
Multiple cross-site scripting XSS vulnerabilities in the MyWebsiteAdvisor Simple Security plugin 1.1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefilter parameter in the accesslog page to wp-admin/users.php or 2 simplesecurityipblacklist...
CVE-2014-9570
CVE-2014-9570 corresponds to two cross-site scripting (XSS) vulnerabilities in the Simple Security WordPress Plugin (MyWebsiteAdvisor), affected versions 1.1.5 and earlier. The flaws arise from insufficient input sanitization of user-supplied data, specifically the datefilter parameter on /wp-adm...
WordPress Simple Security 1.1.5 Cross Site Scripting
Advisory ID: HTB23244 Product: Simple Security WordPress Plugin Vendor: MyWebsiteAdvisor Vulnerable Versions: 1.1.5 and probably prior Tested Version: 1.1.5 Advisory Publication: December 17, 2014 without technical details Vendor Notification: December 17, 2014 Public Disclosure: January 14, 2015...