4 matches found
CVE-2024-1516
The WP eCommerce plugin for WordPress is vulnerable to unauthorized arbitrary post creation due to a missing capability check on the checkforsaaspush function in all versions up to, and including, 3.15.1. This makes it possible for unauthenticated attackers to create arbitrary posts with arbitrar...
YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
Exploit Title: YouTube Automated CMS 1.0.1 / 1.0.7 - CSRF to Persistent XSS Date: 14 October 2016 Exploit Author: Arbin Godar Website : ArbinGodar.com Software Link: https://codecanyon.net/item/youtube-automated-cms/12021939 Version: 1.0.1 to 1.0.7...
WordPress Plugin Advanced Video 1.0 - Local File Inclusion
WordPress Plugin Advanced Video 1.0 - Local File Inclusion !/usr/bin/env python Exploit Title: Advanced-Video-Embed Arbitrary File Download / Unauthenticated Post Creation Google Dork: N/A Date: 04/01/2016 Exploit Author: evait security GmbH Vendor Homepage: arshmultani - http://dscom.it/ Softwar...
WordPress Advanced Video 1.0 Local File Inclusion
!/usr/bin/env python Exploit Title: Advanced-Video-Embed Arbitrary File Download / Unauthenticated Post Creation Google Dork: N/A Date: 04/01/2016 Exploit Author: evait security GmbH Vendor Homepage: arshmultani - http://dscom.it/ Software Link:...