CVE-2018-25106 webuidesigning NebulaX Theme Legacy.php nebula_send_to_hubspot sql injection

A vulnerability, which was classified as critical, has been found in webuidesigning NebulaX Theme up to 5.0 on WordPress. This issue affects the function nebulasendtohubspot of the file libs/Legacy/Legacy.php. The manipulation leads to sql injection. The attack may be initiated remotely. The patc...

UBUNTU-CVE-2019-16217

WordPress before 5.2.3 allows XSS in media uploads because wpajaxuploadattachment is mishandled...

Users Ultra <= 1.4.35 - SQL Injection

The AJAX action ‘editphotocate’, which is defined in the file ‘users-ultra/addons/photocategories/admin/admin.php’, allows for SQL Injection via the POST parameter ‘cateid’. This parameter is used in a call to the WordPress function ‘$wpdb-getresults’ without being sanitized. This action is...

WordPress Better WP Security 3.6.3 XSS / Disclosure

Exploit Title: Wordpress Plugin - Better WP Security multiple vulnerability Date: 2014 11 Fabruary Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: https://wordpress.org/plugins/better-wp-security/ Tested on: Lin...