45 matches found
WordPress Plainview Protect Passwords Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Plainview Protect Passwords Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-47664 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2a5e4c3d7ce6 Credits Mika Requir...
CVE-2023-41693
Cross-Site Request Forgery CSRF vulnerability in edwardplainview MyCryptoCheckout plugin = 2.125 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in edwardplainview MyCryptoCheckout plugin = 2.125 versions...
CVE-2023-41693 WordPress MyCryptoCheckout Plugin <= 2.125 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in edwardplainview MyCryptoCheckout plugin = 2.125 versions...
WordPress Plainview Activity Monitor 20161228 Remote Code Execution
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution (RCE) (Authenticated) (2)
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
WordPress Plainview Activity Monitor 20161228 Plugin - Remote Code Execution (Authenticated) Exploit
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
WordPress Plainview Activity Monitor Remote Command Execution Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL servers to set up a personal blog site.Plainview Activity Monitor is used in one of the website user activity monitoring plugin. A remote command...
WordPress Plainview Activity Monitor 20161228 Remote Command Execution Exploit
WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activitiesoverview.php. Privileges are required in order to exploit...
WordPress Plainview Activity Monitor 20161228 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plainview Activity Monitor RCE', 'Description' = %q Plainview Activity Monitor Wordpress plugin is vulnerable to OS command injection...
Wordpress Plainview Activity Monitor RCE
Plainview Activity Monitor Wordpress plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on underlying system. Application passes unsafe user supplied data to ip parameter into activitiesoverview.php. Privileges are required in order to exploit this...
WordPress Plainview Activity Monitor Plugin Command Injection (CVE-2018-15877)
A command injection vulnerability exists in WordPress Plainview Activity Monitor plugin. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary OS commands in the affected system...
WordPress Plainview Activity Monitor plugin <= 20161228 - Remote Command Execution (RCE) vulnerability
Remote Command Execution RCE vulnerability found by "aas" in WordPress Plainview Activity Monitor plugin versions = 20161228. Solution Update the WordPress Plainview Activity Monitor plugin to the latest available version at least 20180826...
WordPress Plainview Activity Monitor 20161228 Plugin - Command Injection Exploit
Exploit for php platform in category web applications !-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877...
WordPress Plainview Activity Monitor Plugin OS Command Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Plainview Activity Monitor plugin is used in one of the website user activity monitoring plugin . An operating syst...
WordPress Plainview Activity Monitor 20161228 Command Injection
About: =========== Component: Plainview Activity Monitor Wordpress plugin Vulnerable version: 20161228 and possibly prior Fixed version: 20180826 CVE-ID: CVE-2018-15877 CWE-ID: CWE-78 Author: - LydAcric Lefebvre https://www.linkedin.com/in/lydericlefebvre Timeline: =========== - 2018/08/25:...
WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection
WordPress Plugin Plainview Activity Monitor 20161228 - Authenticated Command Injection !-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877 +...
WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection
!-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877 + Usage: Replace 127.0.0.1 & 9999 with you ip...
CVE-2018-15877
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...
CVE-2018-15877
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request...