12 matches found
Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion
Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/ Vendor: Site Editor Tested version: 1.1.1 CVE ID: CVE-2018-7422 CVE description A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1...
WordPress Site Editor plugin <=1.1.1 - Local File Inclusion (LFI) vulnerability
Local File Inclusion LFI vulnerability found by Nicolas Buzy-Debat in WordPress Site Editor plugin versions =1.1.1. Solution 19.03.18 - we were unable to find a patched version of the plugin...
WordPress Site Editor 1.1.1 Local File Inclusion
Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/ Vendor: Site Editor Tested version: 1.1.1 CVE ID: CVE-2018-7422 CVE description A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitra...
WordPress Splashing Images plugin <=2.1 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting XSS vulnerability found by Nicolas Buzy-Debat in WordPress Splashing Images plugin versions =2.1. Possible remote injection of arbitrary web script or HTML via the search parameter to wp-admin/upload.php. Solution Update the WordPress Splashing Images plugin to the latest...
WordPress Splashing Images plugin <=2.1 - Authenticated PHP Object Injection vulnerability
Authenticated PHP Object Injection vulnerability found by Nicolas Buzy-Debat in WordPress Splashing Images plugin versions =2.1. PHP Object Injection attack via crafted serialized data in the 'session' HTTP GET parameter to wp-admin/upload.php. Solution Update the WordPress Splashing Images plugi...
WordPress Concours 1.1 Cross Site Scripting
Product: WordPress Concours Plugin - https://wordpress.org/plugins/wp-concours/ Vendor: Olyos Tested version: 1.1 CVE ID: CVE-2017-17719 CVE description A cross-site scripting XSS vulnerability in the wp-concours plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web...
WordPress Custom Map plugin <=1.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability found by Nicolas Buzy-Debat in WordPress Custom Map plugin versions =1.1. Solution Dec 20, 2017 - we were unable to find a patched version of this plugin. Uninstall or use it at your own risk...
WordPress Custom Map 1.1 Cross Site Scripting Vulnerability
WordPress Custom Map plugin version 1.1 suffers from a cross site scripting vulnerability. Product: Custom Map WordPress Plugin - https://wordpress.org/plugins/custom-map/ Vendor: webdesi9 Tested version: 1.1 CVE ID: CVE-2017-17744 CVE description A cross-site scripting XSS vulnerability in the...
WordPress CSV Import-Export 1.1 Cross Site Scripting Vulnerability
WordPress CSV Import-Export plugin version 1.1 suffers from a cross site scripting vulnerability. Product: CSV Import-Export Wordpress Plugin - https://wordpress.org/plugins/csv-import-export/ Vendor: eSparkBiz Tested version: 1.1 CVE ID: CVE-2017-17753 CVE description Multiple cross-site scripti...
WordPress CSV Import-Export 1.1 Cross Site Scripting
Product: CSV Import-Export Wordpress Plugin - https://wordpress.org/plugins/csv-import-export/ Vendor: eSparkBiz Tested version: 1.1 CVE ID: CVE-2017-17753 CVE description Multiple cross-site scripting XSS vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote...
WordPress Concours 1.1 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Product: WordPress Concours Plugin - https://wordpress.org/plugins/wp-concours/ Vendor: Olyos Tested version: 1.1 CVE ID: CVE-2017-17719 CVE description A cross-site scripting XSS vulnerability in the wp-concours plugin through 1.1 for WordPre...
WordPress User Login History 1.5.2 Cross Site Scripting Vulnerability
WordPress User Login History plugin version 1.5.2 suffers from a cross site scripting vulnerability. Product: User Login History Wordpress Plugin - https://wordpress.org/plugins/user-login-history/ Vendor: Er Faiyaz Alam Tested version: 1.5.2 CVE ID: CVE-2017-15867 CVE description Multiple...