Lucene search
+L

12 matches found

exploitpack
exploitpack
added 2018/03/23 12:0 a.m.89 views

Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion

Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/ Vendor: Site Editor Tested version: 1.1.1 CVE ID: CVE-2018-7422 CVE description A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1...

5CVSS7.7AI score0.63102EPSS
Exploits7
Patchstack
Patchstack
added 2018/03/19 12:0 a.m.14 views

WordPress Site Editor plugin <=1.1.1 - Local File Inclusion (LFI) vulnerability

Local File Inclusion LFI vulnerability found by Nicolas Buzy-Debat in WordPress Site Editor plugin versions =1.1.1. Solution 19.03.18 - we were unable to find a patched version of the plugin...

2.5AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2018/03/16 12:0 a.m.68 views

WordPress Site Editor 1.1.1 Local File Inclusion

Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/ Vendor: Site Editor Tested version: 1.1.1 CVE ID: CVE-2018-7422 CVE description A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitra...

7.5AI score0.63102EPSS
Exploits7
Patchstack
Patchstack
added 2018/01/30 12:0 a.m.20 views

WordPress Splashing Images plugin <=2.1 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability found by Nicolas Buzy-Debat in WordPress Splashing Images plugin versions =2.1. Possible remote injection of arbitrary web script or HTML via the search parameter to wp-admin/upload.php. Solution Update the WordPress Splashing Images plugin to the latest...

4.8CVSS1.6AI score0.01028EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2018/01/30 12:0 a.m.18 views

WordPress Splashing Images plugin <=2.1 - Authenticated PHP Object Injection vulnerability

Authenticated PHP Object Injection vulnerability found by Nicolas Buzy-Debat in WordPress Splashing Images plugin versions =2.1. PHP Object Injection attack via crafted serialized data in the 'session' HTTP GET parameter to wp-admin/upload.php. Solution Update the WordPress Splashing Images plugi...

7.2CVSS2.3AI score0.03716EPSS
Exploits2References1Affected Software1
Packet Storm
Packet Storm
added 2017/12/20 12:0 a.m.70 views

WordPress Concours 1.1 Cross Site Scripting

Product: WordPress Concours Plugin - https://wordpress.org/plugins/wp-concours/ Vendor: Olyos Tested version: 1.1 CVE ID: CVE-2017-17719 CVE description A cross-site scripting XSS vulnerability in the wp-concours plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web...

6.4AI score0.00938EPSS
Exploits3
Patchstack
Patchstack
added 2017/12/20 12:0 a.m.52 views

WordPress Custom Map plugin <=1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability found by Nicolas Buzy-Debat in WordPress Custom Map plugin versions =1.1. Solution Dec 20, 2017 - we were unable to find a patched version of this plugin. Uninstall or use it at your own risk...

6.1CVSS1.6AI score0.00938EPSS
Exploits3References1Affected Software1
0day.today
0day.today
added 2017/12/20 12:0 a.m.56 views

WordPress Custom Map 1.1 Cross Site Scripting Vulnerability

WordPress Custom Map plugin version 1.1 suffers from a cross site scripting vulnerability. Product: Custom Map WordPress Plugin - https://wordpress.org/plugins/custom-map/ Vendor: webdesi9 Tested version: 1.1 CVE ID: CVE-2017-17744 CVE description A cross-site scripting XSS vulnerability in the...

4.3CVSS6.2AI score0.00938EPSS
Exploits3
0day.today
0day.today
added 2017/12/20 12:0 a.m.57 views

WordPress CSV Import-Export 1.1 Cross Site Scripting Vulnerability

WordPress CSV Import-Export plugin version 1.1 suffers from a cross site scripting vulnerability. Product: CSV Import-Export Wordpress Plugin - https://wordpress.org/plugins/csv-import-export/ Vendor: eSparkBiz Tested version: 1.1 CVE ID: CVE-2017-17753 CVE description Multiple cross-site scripti...

4.3CVSS6.2AI score0.00845EPSS
Exploits2
Packet Storm
Packet Storm
added 2017/12/20 12:0 a.m.92 views

WordPress CSV Import-Export 1.1 Cross Site Scripting

Product: CSV Import-Export Wordpress Plugin - https://wordpress.org/plugins/csv-import-export/ Vendor: eSparkBiz Tested version: 1.1 CVE ID: CVE-2017-17753 CVE description Multiple cross-site scripting XSS vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote...

6.4AI score0.00845EPSS
Exploits2
0day.today
0day.today
added 2017/12/20 12:0 a.m.55 views

WordPress Concours 1.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Product: WordPress Concours Plugin - https://wordpress.org/plugins/wp-concours/ Vendor: Olyos Tested version: 1.1 CVE ID: CVE-2017-17719 CVE description A cross-site scripting XSS vulnerability in the wp-concours plugin through 1.1 for WordPre...

6.4AI score0.00938EPSS
Exploits3
0day.today
0day.today
added 2017/11/01 12:0 a.m.58 views

WordPress User Login History 1.5.2 Cross Site Scripting Vulnerability

WordPress User Login History plugin version 1.5.2 suffers from a cross site scripting vulnerability. Product: User Login History Wordpress Plugin - https://wordpress.org/plugins/user-login-history/ Vendor: Er Faiyaz Alam Tested version: 1.5.2 CVE ID: CVE-2017-15867 CVE description Multiple...

4.3CVSS6.2AI score0.01041EPSS
Exploits2
Rows per page
Query Builder