WordPress Spreadsheet Integration plugin <= 3.8.2 - Cross-Site Request Forgery to Arbitrary Post Publish vulnerability

Cross-Site Request Forgery to Arbitrary Post Publish vulnerability discovered by Krzysztof Zając in WordPress Plugin Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. versions = 3.8.2...

CVE-2020-21345

Cross Site Scripting XSS vulnerability in Halo 1.1.3 via post publish components in the manage panel, which lets a remote malicious user execute arbitrary code...

Cross site scripting

Cross Site Scripting XSS vulnerability in Halo 1.1.3 via post publish components in the manage panel, which lets a remote malicious user execute arbitrary code...

CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS]

Exploit Title: CVE-2015-4039 - WordPress WP Membership plugin Stored XSS Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link: http://codecanyon.net/item/wp-membership/10066554 Version: 1.2.3 Tested on: WordPress 4.2.2 CVE: CVE-2015-4039...

WordPress WP Membership 1.2.3 Cross Site Scripting

Exploit Title: WordPress WP Membership plugin Stored XSS Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link: http://codecanyon.net/item/wp-membership/10066554 Version: 1.2.3 Tested on: WordPress 4.2.2 CVE: CVE-2015-4039...

WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: WordPress WP Membership plugin Multiple Vulnerabilities Date: 2015/05/19 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link:...

WordPress Plugin WP Membership 1.2.3 - Multiple Vulnerabilities

Exploit Title: WordPress WP Membership plugin Multiple Vulnerabilities Date: 2015/05/19 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link: http://codecanyon.net/item/wp-membership/10066554 Version: 1.2.3...

WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities

There are multiple vulnerabilities in this WordPress Membership plugin. 1. Privilege escalation. Because of this vulnerability, an attacker can take administrative role to the infected website via "ivmembershipupdateusersettings" AJAX action. 2. Stored XSS allows an attacker to login as regular...

WordPress Plugin WP Membership 1.2.3 - Multiple Vulnerabilities

WordPress Plugin WP Membership 1.2.3 - Multiple Vulnerabilities Exploit Title: WordPress WP Membership plugin Multiple Vulnerabilities Date: 2015/05/19 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://wpmembership.e-plugins.com/ Software Link:...