4 matches found
WordPress Advanced Uploader plugin <= 4.2 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Roel van Beurden in WordPress Advanced Uploader plugin versions = 4.2. Solution Deactivate and delete. This plugin has been closed as of March 28, 2022 and is not available for download. This closure is temporary, pending a full review...
WordPress Popup Maker plugin <= 1.16.4 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by Roel van Beurden in WordPress Popup Maker plugin versions = 1.16.4. Solution Update the WordPress Popup Maker plugin to the latest available version at least 1.16.5...
CMS Made Simple 2.2.14 - Persistent Cross-Site Scripting (Authenticated)
Exploit Title: CMS Made Simple 2.2.14 - Persistent Cross-Site Scripting Authenticated Google Dork: - Date: 2020-09-29 Exploit Author: Roel van Beurden Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: http://s3.amazonaws.com/cmsms/downloads/14793/cmsms-2.2.14-install.zip Version:...
Fuel CMS 1.4.7 - (col) SQL Injection (Authenticated) Vulnerability
Exploit for php platform in category web applications Exploit Title: Fuel CMS 1.4.7 - 'col' SQL Injection Authenticated Exploit Author: Roel van Beurden Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.7.zip Version: 1.4.7 Tested o...