WordPress Ads Pro plugin <= 3.4 - Cross-Site Scripting / SQL Injection
The bsaproid $_GET parameter is vulnerable to SQL injection. Payload example: bsaprostats=1&[email protected]&bsaproid=xx AND 1707=1707 The payload works when the ad is displayed. Solution: Update the plugin to the latest version...
WordPress FB Survey Pro Plugin - Cross Site Scripting
This plugin is prone to a cross site scripting vulnerability. Solution: Update the plugin...
VulnCheck KEV: CVE-2014-9735
The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for WordPress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to (1) upload and execute arbitrary files via an...
WordPress Paid Memberships Pro Plugin 1.7.14 - Directory Traversal
This vulnerability is in services/getfile.php. It allows attackers to read arbitrary files via the QUERY_STRING in a getfile action to wp-admin/admin-ajax.php. Solution: Update the plugin...
CVE-2013-1407
The CVE-2013-1407 vulnerabilities affect the WordPress plugin Events Manager and the Events Manager Pro plugin, with multiple input vectors (scope, _wpnonce, user_name, dbem_phone, user_email, booking_comment) leading to XSS. Root cause: insufficient input validation/filtration in the index.php ...
[CrowdRE] Reverse Engineering Tool
A new project called CrowdRE aims to make it easy to reverse engineer complex applications in collaboration with other users. Normally, reversing software from a complicated binary can consume much time; CrowdRE will help accelerate this process through teamwork...
PT-2011-3363 · Gnu +1 · Gimp +1
Name of the Vulnerable Software and Affected Versions: GIMP version 2.6.11. Description: The issue is related to a heap-based buffer overflow in the read_channel_data function in the Paint Shop Pro (PSP) plugin. This can be triggered by a PSP_COMP_RLE (aka RLE compression) image file that begins a lon...