7 matches found
Wpscvn - Wpscvn Is A Tool For Pentesters, Website Owner To Test If Their Websites Had Some Vulnerable Plugins Or Themes
wpscvn is a tool for pentesters, website owner to test if their websites had some vulnerable plugins or themes The author does not hold any responsibility for the bad use of this tool, remember that attacking targets without prior consent is illegal and punished by law. requires : Python 3 usage ...
Critical WordPress Plugin Flaw Allows Site Takeover
Researchers are urging WordPress websites that utilize the NextGen Gallery plugin to apply a patch addressing critical and high-severity flaws. The NextGen Gallery plugin, which is installed on 800,000 WordPress websites, allows sites to upload photos in batch quantities, import metadata and edit...
Cross site scripting
mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdBook before version 0.4.5, there is a vulnerability affecting the search feature of mdBook, which could allow an attacker to execute arbitrary JavaScript code on the page. The search feature of mdBo...
The Rise of the Open Bug Bounty Project
Can you imagine launching a global bug bounty platform with almost 500,000 submissions and 13,000 researchers without consuming a cent from venture capitalists? If not, this success story is for you. The once skyrocketing bug bounty industry seems to be not in the best shape today. While prominen...
investors.ccbg.com Open Redirect vulnerability
Vulnerable URL: http://investors.ccbg.com/PDFPageView.aspx?iid=100774=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| Yes, at 16.03.2016 Latest check for patch:| 16.03.2016 04:27 GMT Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank|...
Popular WordPress Themes, Plug-Ins Vulnerable to Attack
Since late March, no fewer than a half-dozen high profile attacks have involved a compromised website built on the WordPress platform. Attackers abuse vulnerabilities in the content management system’s customizable plug-ins and themes to pull off anything from drive-by downloads to watering hole...
Net Solutions' Hack Heightens Role of ISP in App Layer Security
According to research, the malicious iframe used in the latest Network Solutions attack pointed to corpadsinc.com which then downloads Adobe exploits onto victims’ machines. The hacks raise an issue increasingly being faced by Website owners: what’s the responsibility of the ISP or service or clo...