CVE-2016-10954

The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload...

EUVD-2016-1945

Malware in sbrugna...

neosense.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1026734 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting neosense.com website and...

WordPress Neosense theme code issue vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code issue vulnerability exists in WordPress Neosense theme versions prior to 1.8. The vulnerability stems...

CVE-2016-10954

The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload...

CVE-2016-10954

The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload...

Unrestricted file upload

The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload...

CVE-2016-10954

The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload...

CVE-2016-10954

The CVE-2016-10954 issue affects the Neosense WordPress theme prior to 1.8, where the qquploader file uploader does not verify user authorization, enabling unrestricted file uploads. The vulnerability arises from the qquploader component, which can place uploaded files (potentially PHP scripts) i...

PT-2019-7747 · WordPress · Neosense Theme

Name of the Vulnerable Software and Affected Versions: Neosense theme versions prior to 1.8 for WordPress Description: The issue concerns an unrestricted file upload in the qquploader component of the Neosense theme. This allows for potential security risks due to the lack of restrictions on file...

WordPress Neosense Theme Upload Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation.Neosense is a dynamic news theme for WordPress. An upload vulnerability exists in WordPress Neosense Theme. An attacker can exploit this vulnerability to upload arbitrary files to the...

Vulnerability Patched in WordPress Theme That Allows Unrestricted Uploads

WordPress theme publisher DynamicPress fixed a flaw Monday that let anyone upload malicious files to sites running its business-themed Neosense WordPress templates, compromise the site and possibly the server hosting it. Walter Hop, security researcher with Netherlands-based company, Slik, made t...

WordPress Neosense Theme <= 1.7 - Unrestricted File Upload

A copy of the "qquploader" ajax file uploader was found in this theme's directory. An attacker can upload any file to the site by using this uploader. Solution Update the theme...

Neosense Theme < 1.8 - Unrestricted File Upload

Neosense is a commercial WordPress theme by dynamicpress. Version 1.7 and possibly earlier includes in its theme directory a copy of the "qquploader" ajax file uploader, which does not verify user authorization. Using this uploader, an attacker can upload any file to the site. The uploaded file i...