2135 matches found
JobCareer < 2.5.1 - Authenticated Stored Cross-Site Scripting
Bad input fields data filtering has been discovered in the 'JobCareer | Job Board Responsive WordPress Theme'. PoC http://jobcareer.chimpgroup.com/candidate/asdasdasdasdasd/ Register a new account on the demo website: http://jobcareer.chimpgroup.com/ , then go to the «Resume» profile tab:...
warracres-ok.gov XSS vulnerability
Open Bug Bounty ID: OBB-681445 Description| Value ---|--- Affected Website:| warracres-ok.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Proud City Wordpress Theme Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
lucastexas.us XSS vulnerability
Open Bug Bounty ID: OBB-681444 Description| Value ---|--- Affected Website:| lucastexas.us Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Proud City Wordpress Theme Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
ketteringoh.org XSS vulnerability
Open Bug Bounty ID: OBB-681443 Description| Value ---|--- Affected Website:| ketteringoh.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Proud City Wordpress Theme Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
govtransformationexchange.org XSS vulnerability
Open Bug Bounty ID: OBB-681436 Description| Value ---|--- Affected Website:| govtransformationexchange.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Proud City Wordpress Theme Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv...
cityofportorchard.us XSS vulnerability
Open Bug Bounty ID: OBB-681427 Description| Value ---|--- Affected Website:| cityofportorchard.us Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Proud City Wordpress Theme Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:|...
george-west-tx.proudcity.com XSS vulnerability
Open Bug Bounty ID: OBB-681416 Description| Value ---|--- Affected Website:| george-west-tx.proudcity.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Proud City Wordpress Theme Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3...
elgl.org XSS vulnerability
Open Bug Bounty ID: OBB-681400 Description| Value ---|--- Affected Website:| elgl.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Proud City Wordpress Theme Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
westcarrollton.org XSS vulnerability
Open Bug Bounty ID: OBB-681399 Description| Value ---|--- Affected Website:| westcarrollton.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Proud City Wordpress Theme Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6...
colma.ca.gov XSS vulnerability
Open Bug Bounty ID: OBB-681373 Description| Value ---|--- Affected Website:| colma.ca.gov Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Proud City Wordpress Theme Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
BBE theme for WordPress HTML editor vulnerability
BBE theme for WordPress is a theme plugin for the WordPress platform. A security vulnerability exists in BBE theme for WordPress versions prior to 1.53. An attacker can exploit the vulnerability to launch the HTML editor directly...
CVE-2017-1000227
Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can...
Salutation Responsive < 3.0.16 - Stored XSS
The parallelus-salutation WordPress theme was affected by a Stored XSS security vulnerability...
Multiple Vulnerabilities in Wordpress Themes Qualifire
WordPress is a blogging platform developed using the PHP language that allows users to set up their weblogs on servers that support PHP and MySQL databases. A file upload and cross-site request forgery vulnerability exists in Wordpress Themes Qualifire, which can be exploited by remote attackers ...
WordPress Atahualpa Theme Cross Site Request Forgery
------------------------------------------------------------------------ Cross-Site Request Forgery in Atahualpa WordPress Theme ------------------------------------------------------------------------ Spyros Gasteratos, July 2016...
WordPress Atahualpa Theme Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting in Atahualpa WordPress Theme ------------------------------------------------------------------------ Spyros Gasteratos, July 2016 ------------------------------------------------------------------------...
WordPress ColorWay 3.4.1 Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in ColorWay WordPress Theme ------------------------------------------------------------------------ Yorick Koster, July 2016...
WordPress Theme Creative Multi-Purpose 9.1.3 - Persistent Cross-Site Scripting
Vendor Homepage: http://bridge.qodeinteractive.com/ Software Link: http://themeforest.net/item/bridge-creative-multipurpose-wordpress-theme/7315054 Version: 9.1.3 Tested on: Debian 8, PHP 5.6.17-3 Type: Stored XSS, Ability to overwrite any theme settings. Time line: Found 23-Apr-2016, Vendor...
Wordpress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability
No description provided by source...
ScoreMe Theme - Unauthenticated Reflected Cross-Site Scripting (XSS)
The scoreme WordPress theme was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability...