65 matches found
WordPress File Upload Plugin 4.3.2 - Stored Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin WordPress File Upload 4.3.2 - Stored XSS Date: 31/03/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip Version: 4.3.2...
WordPress Plugin WordPress File Upload Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Iptanus WordPress File Upload plugin is used in one of the file upload plugin. A security vulnerability exists in...
Default credentials
The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes...
CVE-2014-5199
CVE-2014-5199 is a CSRF vulnerability in the WordPress File Upload plugin (wp-file-upload) for WordPress, affecting versions before 2.4.2. The issue allows remote attackers to hijack the administrator’s authentication for requests that change plugin settings via unspecified vectors. Root cause is...
CVE-2014-5199
Cross-site request forgery CSRF vulnerability in the WordPress File Upload plugin wp-file-upload before 2.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: some of these details are...