Lucene search
K

6300 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.75 views

WordPress 2.3.1 Unauthorized Post Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26885/info WordPress is prone to a vulnerability that lets unauthorized users read draft posts before they have been published. This issue affects WordPress 2.3.1; other versions may also be affected. NOTE: This BID is...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

WordPress Allow PHP in Posts and Pages plugin <= 2.0.0.RC1 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Allow PHP in Posts and Pages plugin = 2.0.0.RC1 SQL Injection Vulnerability Date: 2011-08-18 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/06/27 12:0 a.m.52 views

Wordpress TimThumb 2.8.13 WebShot - Remote Code Execution Exploit

Exploit for php platform in category web applications | | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Wordpress TimThumb 2.8.13 WebShot Remote Code Execution 0-day Affected website : a lot Wordpress Themes, Plugins, 3rd party components...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/06/27 12:0 a.m.36 views

Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities

Exploit for php platform in category web applications Details ================ Software: Simple Share Buttons Adder Version: 4.4 Homepage: https://wordpress.org/plugins/simple-share-buttons-adder/ Advisory report:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/06/24 12:0 a.m.210 views

Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) - &#039;WebShot&#039; Remote Code Execution

| | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| Wordpress TimThumb 2.8.13 WebShot Remote Code Execution 0-day Affected website : a lot Wordpress Themes, Plugins, 3rd party components Exploit Author : @u0x Pichaya Morimoto Release dates :...

7AI score
Exploits0
Patchstack
Patchstack
added 2014/06/23 12:0 a.m.20 views

WordPress Video Posts Webcam Recorder Plugin <= 1.55.4 - XSS

Because of this vulnerability in posts/videowhisper/rlogout.php, the attackers can inject arbitrary web script or HTML. Solution Update the plugin...

4.3CVSS2AI score0.01618EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2014/06/02 3:55 p.m.26 views

CVE-2014-3937

SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.02031EPSS
Exploits0References1
NVD
NVD
added 2014/06/02 3:55 p.m.22 views

CVE-2013-3476

Cross-site request forgery CSRF vulnerability in the WordPress Related Posts plugin before 2.6.2 for WordPress allows remote attackers to hijack the authentication of users for requests that change settings via unspecified vectors...

6.8CVSS7.2AI score0.0107EPSS
Exploits0References4
NVD
NVD
added 2014/06/02 3:55 p.m.20 views

CVE-2013-3257

Cross-site request forgery CSRF vulnerability in the Related Posts plugin before 2.7.2 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors...

6.8CVSS7.2AI score0.0107EPSS
Exploits0References4
NVD
NVD
added 2014/06/02 3:55 p.m.22 views

CVE-2013-2710

Cross-site request forgery CSRF vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via unspecified vectors...

6.8CVSS6.5AI score0.01052EPSS
Exploits0References4
Prion
Prion
added 2014/06/02 3:55 p.m.18 views

Sql injection

SQL injection vulnerability in the Contextual Related Posts plugin before 1.8.10.2 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.02031EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2014/06/02 3:55 p.m.17 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the WordPress Related Posts plugin before 2.6.2 for WordPress allows remote attackers to hijack the authentication of users for requests that change settings via unspecified vectors...

6.8CVSS7.6AI score0.0107EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2014/06/02 3:55 p.m.20 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via unspecified vectors...

6.8CVSS6.7AI score0.01052EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/06/02 3:0 p.m.26 views

CVE-2013-3257

Cross-site request forgery CSRF vulnerability in the Related Posts plugin before 2.7.2 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors...

7.2AI score0.0107EPSS
Exploits0References4
CVE
CVE
added 2014/06/02 3:0 p.m.41 views

CVE-2013-2710

CVE-2013-2710 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Contextual Related Posts before version 1.8.7 . The flaw allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) via unspecified ve...

6.8CVSS6.6AI score0.01052EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/06/02 3:0 p.m.20 views

CVE-2013-3476

Cross-site request forgery CSRF vulnerability in the WordPress Related Posts plugin before 2.6.2 for WordPress allows remote attackers to hijack the authentication of users for requests that change settings via unspecified vectors...

7.2AI score0.0107EPSS
Exploits0References4
CVE
CVE
added 2014/06/02 3:0 p.m.46 views

CVE-2014-3937

The CVE-2014-3937 issue affects the WordPress Contextual Related Posts plugin and is a SQL injection in the plugin’s code prior to version 1.8.10.2. Affected component: Contextual Related Posts plugin for WordPress. Root cause: improper handling of input that leads to arbitrary SQL execution. Imp...

7.5CVSS8.7AI score0.02031EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2014/06/02 3:0 p.m.27 views

CVE-2013-2710

Cross-site request forgery CSRF vulnerability in the Contextual Related Posts plugin before 1.8.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via unspecified vectors...

6.5AI score0.01052EPSS
Exploits0References4
CVE
CVE
added 2014/06/02 3:0 p.m.42 views

CVE-2013-3476

The CVE concerns the WordPress Related Posts plugin (prior to version 2.6.2) for WordPress, where a Cross-Site Request Forgery (CSRF) vulnerability could allow remote attackers to hijack user authentication and perform settings changes via unspecified vectors. The underlying issue is a CSRF flaw ...

6.8CVSS7.4AI score0.0107EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2014/06/02 3:0 p.m.40 views

CVE-2013-3257

Summary of CVE-2013-3257 (WordPress Related Posts plugin): The Related Posts plugin for WordPress is affected by a CSRF vulnerability in versions before 2.7.2 that allows remote attackers to hijack the authentication of users and perform settings-modification actions via unspecified vectors. The ...

6.8CVSS7.4AI score0.0107EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder