21 matches found
WordPress Connection Information Cross Site Request Forgery Vulnerability
The FTP/SSH form functionality of WordPress was found to be vulnerable to cross site request forgery. WordPress versions 4.5.3 through 4.7.4 are affected. ------------------------------------------------------------------------ Cross-Site Request Forgery in WordPress Connection Information...
WordPress 4.5.3 Press This Function CSRF / Denial Of Service Vulnerabilities
Exploit for php platform in category web applications ------------------------------------------------------------------------ Cross-Site Request Forgery in WordPress Press This function allows DoS ------------------------------------------------------------------------ Sipke Mellema, July 2016...
WordPress Adminer 1.4.4 Interface Exposure Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ WordPress Adminer plugin allows public local database login ------------------------------------------------------------------------ David Vaartjes, July 2016...
WordPress Simple Ads Manager 2.9.8.125 PHP Object Injection Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Simple Ads Manager WordPress plugin unauthenticated PHP Object injection vulnerability ------------------------------------------------------------------------ Yorick...
WordPress Gwolle Guestbook 1.7.4 Cross Site Request Forgery Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Gwolle Guestbook mass action vulnerable for Cross-Site Request Forgery ------------------------------------------------------------------------ Radjnies Bhansingh, July...
WordPress Atahualpa Theme Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting in Atahualpa WordPress Theme ------------------------------------------------------------------------ Spyros Gasteratos, July 2016 ------------------------------------------------------------------------...
2017 Visual Studio Code Workspace settings code execution
The following issue constitutes an arbitrary code execution vulnerability in Visual Studio Code herein referred to as "Code". Users should upgrade to Code 1.9.0 or later. says: Visual Studio Code is a source code editor developed by Microsoft for Windows, Linux and macOS. It includes support for...
WordPress File Manager 3.0.1 Plugin - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications !-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgeryinfilemanagerwordpressplugin.html Abstract A Cross-Site Request Forgery CSRF vulnerability was found in the File Manager WordPress Plugin. Among others, this issue can be use...
WordPress WP-Filebase Download Manager 3.4.4 Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in WP-Filebase Download Manager WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...
WordPress Google Analytics Counter Tracker 3.1.5 PHP Object Injection
------------------------------------------------------------------------ Google Analytics Counter Tracker WordPress Plugin unauthenticed PHP Object injection vulnerability ------------------------------------------------------------------------ Remco Vermeulen, July 2016...
WordPress Huge IT Portfolio Gallery 2.0.77 Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting in Huge IT Portfolio Gallery WordPress Plugin ------------------------------------------------------------------------ Antonis Manaras, July 2016...
WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Reflected Cross-Site Scripting vulnerability in W3 Total Cache plugin ------------------------------------------------------------------------ Sipke Mellema, July 2016...
WordPress Calendar 1.3.7 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Cross-Site Scripting in Calendar WordPress Plugin ------------------------------------------------------------------------ Remco Vermeulen, July 2016...
WordPress WassUp Real Time Analytics 1.9 Plugin - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Source: https://sumofpwn.nl/advisory/2016/persistentcrosssitescriptinginwassuprealtimeanalyticswordpressplugin.html Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin Abstract A stored Cross-Site Scripting XSS...
WordPress Quotes Collection 2.0.5 Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...
WordPress Link Library 5.9.12.29 Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting in Link Library WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016 ------------------------------------------------------------------------...
WordPress Plugin Count Per Day 3.5.4 - Persistent Cross-Site Scripting
WordPress Plugin Count Per Day 3.5.4 - Persistent Cross-Site Scripting Stored Cross-Site Scripting vulnerability in Count per Day WordPress Plugin Abstract A Cross-Site Scripting vulnerability was found in the Count per Day WordPress Plugin. This issue can be exploited by an unauthenticated...
WordPress Plugin Booking Calendar 6.2 - SQL Injection
WordPress Plugin Booking Calendar 6.2 - SQL Injection SQL injection vulnerability in Booking Calendar WordPress Plugin Abstract An SQL injection vulnerability exists in the Booking Calendar WordPress plugin. This vulnerability allows an attacker to view data from the database. The affected...
WordPress All-In-One Security / Firewall 4.1.2 CAPTCHA Bypass
------------------------------------------------------------------------ Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA ------------------------------------------------------------------------ Sipke Mellema, July 2016...
WordPress Plugin WP Live Chat Support 6.2.03 - Persistent Cross-Site Scripting
Stored Cross-Site Scripting vulnerability in WP Live Chat Support WordPress Plugin Abstract A stored Cross-Site Scripting vulnerability was found in the WP Live Chat Support WordPress Plugin. This issue can be exploited by an unauthenticated user. It allows an attacker to perform a wide variety o...