CVE-2014-9401

CVE-2014-9401 affects the WordPress plugin “WP Limit Posts Automatically” (versions

WordPress WP Limit Posts Automatically 0.7 CSRF / XSS

Title: CSRF / Stored XSS Vulnerability in WP Limit Posts Automatically Wordpress Plugin Author: Manideep K cve-id: CVE-2014-9401 Plugin Homepage: https://wordpress.org/plugins/wp-limit-posts-automatically/ Version Affected: 0.7 probably lower versions Severity: High Description: Vulnerable...

WordPress Sliding Recent Posts 1.0 CSRF / XSS

Title: WordPress 'Sliding Recent Posts' plugin - CSRF/XSS Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2014/12/12 Download: https://wordpress.org/plugins/sliding-recent-posts/ Notified WordPress: 2014/11/27 ----------------------------------------------------------------...

CVE-2014-6299

Cross-site request forgery CSRF vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors...

RBS Change Complet Open Source 3.6.8 - Cross-Site Request Forgery

RBS Change Complet Open Source 3.6.8 - Cross-Site Request Forgery Exploit Title: RBS Change Complet Open Source CSRF Google Dork: intext:"une réalisation rbs" Date: 10/01/2014 Exploit Author: KrustyHack Vendor Homepage: http://www.rbschange.fr/ Software Link:...

RBS Change Complet Open Source 3.6.8 - Cross-Site Request Forgery

Exploit Title: RBS Change Complet Open Source CSRF Google Dork: intext:"une réalisation rbs" Date: 10/01/2014 Exploit Author: KrustyHack Vendor Homepage: http://www.rbschange.fr/ Software Link: http://www.rbschange.fr/addons/distributions/RBS-Change-complet-Open-Source,67203.html Version: 3.6.8...

RBS Change Complet Open Source 3.6.8 - CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: RBS Change Complet Open Source CSRF Google Dork: intext:"une réalisation rbs" Date: 10/01/2014 Exploit Author: KrustyHack Vendor Homepage: http://www.rbschange.fr/ Software Link:...

RBS Change Complet Open Source Cross Site Request Forgery

Exploit Title: RBS Change Complet Open Source CSRF Google Dork: intext:"une réalisation rbs" Date: 10/01/2014 Exploit Author: KrustyHack Vendor Homepage: http://www.rbschange.fr/ Software Link: http://www.rbschange.fr/addons/distributions/RBS-Change-complet-Open-Source,67203.html Version: 3.6.8...

DEBIAN-CVE-2003-1598

SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the posts variable...

WordPress Mobile Pack Plugin Information Disclosure Vulnerability

WordPress Mobile Pack Plugin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2014-5337

The WordPress Mobile Pack plugin before 2.0.2 for WordPress does not properly restrict access to password protected posts, which allows remote attackers to obtain sensitive information via an exportarticles action to export/content.php...

Redirection - view/admin/log_item.php Non-existent Posts Referer HTTP Header XSS

The Redirection WordPress plugin was affected by a view/admin/logitem.php Non-existent Posts Referer HTTP Header XSS security vulnerability...

WordPress Related Posts 2.6.1 - Cross-Site Request Forgery

The WordPress Related Posts WordPress plugin was affected by a Cross-Site Request Forgery security vulnerability...

Related Posts 2.7.1 - Cross-Site Request Forgery

The related-posts WordPress plugin was affected by a Cross-Site Request Forgery security vulnerability...

Allow PHP in Posts & Pages <= 2.0.0.RC2 - SQL Injection

The Allow PHP in Posts and Pages WordPress plugin was affected by a SQL Injection security vulnerability...

Video Posts Webcam Recorder < 1.55.5 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The Video Posts Webcam Recorder WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability. https://example.com/wp-content/plugins/video-posts-webcam-recorder/posts/videowhisper/rlogout.php?message=message'//...

CVE-2014-4717

Multiple cross-site request forgery CSRF vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 ssbasharetext parameter in a save...

CVE-2014-4717

Multiple cross-site request forgery CSRF vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 ssbasharetext parameter in a save...

CVE-2014-4568

Cross-site scripting XSS vulnerability in posts/videowhisper/rlogout.php in the Video Posts Webcam Recorder plugin 1.55.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter...