36 matches found
WordPress simple-fields plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. simple-fields is a custom fields plugin used in it. WordPress simple-fields plug-in exists piece of cross-site request forgery...
CVE-2013-7476
The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface...
CVE-2013-7476
The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface...
CVE-2013-7476
The connected advisories confirm a CSRF vulnerability in the WordPress Simple Fields plugin prior to version 1.2, affecting the admin interface. Root cause: CSRF in admin actions could allow unauthorized requests when an authenticated admin visits a malicious page. Impact is described in CVE reco...
CVE-2015-9302
The CVE-2015-9302 entry concerns the WordPress Simple Fields plugin. Affected product: WordPress with the simple-fields plugin versions prior to 1.4.11. Issue: Cross-Site Scripting (XSS) vulnerability in the plugin, as indicated by multiple sources (e.g., Red Hat, CNVD, CVE records). Root cause a...
CVE-2015-9302
The simple-fields plugin before 1.4.11 for WordPress has XSS...
PT-2019-7261 · WordPress · Simple-Fields
Name of the Vulnerable Software and Affected Versions: simple-fields plugin versions prior to 1.4.11 Description: The issue concerns a Cross-Site Scripting XSS problem. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-worl...
WordPress Simple Fields Plugin 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution Vul
Exploit for php platform in category web applications Exploit Title: Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE Exploit Author: Graeme Robinson Contact: @Grasec Vendor Homepage: http://simple-fields.com Software Link: https://downloads.wordpress.org/plugin/simple-fields.0.3.5.zip Version: 0.2 - 0.3.5...
WordPress Simple Fields 0.3.5 File Inclusion / Remote Code Execution
Exploit Title: Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE Date: 2018-04-08 Exploit Author: Graeme Robinson Contact: @Grasec Vendor Homepage: http://simple-fields.com Software Link: https://downloads.wordpress.org/plugin/simple-fields.0.3.5.zip Version: 0.2 - 0.3.5 Tested on: Ubuntu 16.04.4 + PHP 5.3.0...
WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution
Exploit Title: Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE Date: 2018-04-08 Exploit Author: Graeme Robinson Contact: @Grasec Vendor Homepage: http://simple-fields.com Software Link: https://downloads.wordpress.org/plugin/simple-fields.0.3.5.zip Version: 0.2 - 0.3.5 Tested on: Ubuntu 16.04.4 + PHP 5.3.0...
WordPress Plugin Simple Fields 0.2 - 0.3.5 - LocalRemote File Inclusion Remote Code Execution
WordPress Plugin Simple Fields 0.2 - 0.3.5 - LocalRemote File Inclusion Remote Code Execution Exploit Title: Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE Date: 2018-04-08 Exploit Author: Graeme Robinson Contact: @Grasec Vendor Homepage: http://simple-fields.com Software Link:...
WordPress Simple Fields Plugin <= 1.4.10 - Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...
Simple Fields <= 1.4.10 - Authenticated Reflected Cross-Site Scripting (XSS)
The Simple Fields WordPress plugin was affected by an Authenticated Reflected Cross-Site Scripting XSS security vulnerability...
WordPress Simple Fields Plugin 1.1.6 - Cross Site Request Forgery
This plugin is prone to a cross site request forgery vulnerability. Solution Update the plugin...
WordPress Simple Fields Plugin 0.3.5 - Remote File Inclusion
This plugin is prone to a remote file inclusion vulnerability. Solution Update the plugin...
WordPress Simple Fields Plugin <= 1.1.6 - Cross Site Request Forgery
This plugin is prone to a cross site request forgery vulnerability via admin functions. Solution Update the plugin...