22 matches found
Wordpress Plugin Catch Themes Demo Import RCE
The Wordpress Plugin Catch Themes Demo Import versions use exploit/multi/http/wpcatchthemesdemoimport msf exploitwpcatchthemesdemoimport show targets ...targets... msf exploitwpcatchthemesdemoimport set TARGET msf exploitwpcatchthemesdemoimport show options ...show and set options... msf...
WordPress Easy Registration Forms plugin <= 2.1.1 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)
Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Thinkland Security Team in WordPress Easy Registration Forms plugin versions = 2.1.1. Solution Deactivate and delete. This plugin has been closed as of November 12, 2021 and is not available for...
WordPress Easy Google Maps plugin <= 1.9.33 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Easy Google Maps plugin versions = 1.9.33. Solution Update the WordPress Easy Google Maps plugin to the latest available version at least 1.10.1...
WordPress Notification plugin <= 7.2.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Notification plugin versions = 7.2.4. Solution Update the WordPress Notification plugin to the latest available version at least 8.0.0...
WordPress Catch Themes Demo Import plugin <= 1.7 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Thinkland Security Team in WordPress Catch Themes Demo Import plugin versions = 1.7. Solution Update the WordPress Catch Themes Demo Import plugin to the latest available version at least 1.8...
WordPress Easy Digital Downloads plugin <= 2.11.2 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability
Authenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Easy Digital Downloads plugin versions = 2.11.2. Solution Update the WordPress Easy Digital Downloads plugin to the latest available version at least 2.11.2.1...
WordPress Simple Job Board plugin <= 2.9.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Simple Job Board plugin versions = 2.9.4. Solution Update the WordPress Simple Job Board plugin to the latest available version at least 2.9.5...
WordPress LearnPress plugin <= 4.1.3.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress LearnPress plugin versions = 4.1.3.1. Solution Update the WordPress LearnPress plugin to the latest available version at least 4.1.3.2...
WordPress Content Staging <= 2.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Content Staging versions = 2.0.1. Solution Deactivate and delete. This plugin has been closed as of October 15, 2021 and is not available for download. This closure is temporary, pending...
WordPress Leaky Paywall plugin <= 4.16.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Leaky Paywall plugin versions = 4.16.5. Solution Update the WordPress Leaky Paywall plugin to the latest available version at least 4.16.6...
WordPress MPL-Publisher – Self-publish your book & ebook plugin <= 1.30.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress MPL-Publisher – Self-publish your book & ebook plugin versions = 1.30.2. Solution Update the WordPress MPL-Publisher – Self-publish your book & ebook plugin to the latest available versi...
WordPress Indeed Job Importer plugin <= 1.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Indeed Job Importer plugin versions = 1.0.5. Solution Deactivate and delete. This plugin has been closed as of October 14, 2021 and is not available for download. This closure is...
WordPress MyBB Cross-Poster plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress MyBB Cross-Poster plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...
WordPress WpGenius Job Listing plugin <= 1.0.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress WpGenius Job Listing plugin versions = 1.0.3. Solution Update the WordPress WpGenius Job Listing plugin to the latest available version at least 1.0.4...
WordPress KJM Admin Notices plugin <= 2.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress KJM Admin Notices plugin versions = 2.0.1. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary...
WordPress HAL plugin <= 2.1.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress HAL plugin versions = 2.1.1. Solution Update the WordPress HAL plugin to the latest available version at least 2.2...
WordPress Author Bio Box plugin <= 3.4.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Author Bio Box plugin versions = 3.4.0. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...
WordPress Job Board Vanila plugin <= 1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Job Board Vanila plugin versions = 1.0. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...
WordPress Job Manager plugin <= 0.7.25 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Job Manager plugin versions = 0.7.25. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary,...
WordPress Formidable Forms plugin <= 5.0.06 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Thinkland Security Team in WordPress Formidable Forms plugin versions = 5.0.06. Solution Update the WordPress Formidable Forms plugin to the latest available version at least 5.0.07...