2 matches found
PT-2025-2262 · WordPress · Icontrolwp
Name of the Vulnerable Software and Affected Versions: iControlWP – Multiple WordPress Site Manager plugin for WordPress versions up to, and including, 4.4.5 Description: The issue is related to PHP Object Injection via deserialization of untrusted input from the reqpars parameter. This allows...
PT-2014-6070 · WordPress · Simple Share Buttons Adder
Name of the Vulnerable Software and Affected Versions: Simple Share Buttons Adder plugin versions prior to 4.5 Description: The issue allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks. This is possible via the ssba...