2157 matches found
WordPress Theme Real Estate 2.8.9 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications. Exploit Title: Real Estate 7 - Real Estate WordPress Theme v2.8.9 Persistent XSS Injection; Google Dork: inurl:"/wp-content/themes/realestate-7/"; Author: m0ze; Vendor Homepage: https://contempothemes.com; Software Link:...
Zoner - Real Estate <= 4.1 - Reflected & Stored XSS
Weak security measures, such as poor filtering of input field data, have been discovered in the 'Zoner - Real Estate WordPress Theme'. PoC (Stored XSS Injection): Register on the demo website and go to the https://zoner.fruitfulcode.com/author/yourlogin/?profile-page=myprofile page. Inside any text field ty...
JobCareer < 2.5.1 - Authenticated Stored Cross-Site Scripting
Poor filtering of input field data has been discovered in the 'JobCareer | Job Board Responsive WordPress Theme'. PoC: http://jobcareer.chimpgroup.com/candidate/asdasdasdasdasd/ Register a new account on the demo website, http://jobcareer.chimpgroup.com/, then go to the «Resume» profile tab:...
warracres-ok.gov XSS vulnerability
Open Bug Bounty ID: OBB-681445; Affected Website: warracres-ok.gov; Vulnerable Application: Proud City WordPress Theme; Vulnerability Type: XSS (Cross-Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
lucastexas.us XSS vulnerability
Open Bug Bounty ID: OBB-681444; Affected Website: lucastexas.us; Vulnerable Application: Proud City WordPress Theme; Vulnerability Type: XSS (Cross-Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
ketteringoh.org XSS vulnerability
Open Bug Bounty ID: OBB-681443; Affected Website: ketteringoh.org; Vulnerable Application: Proud City WordPress Theme; Vulnerability Type: XSS (Cross-Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
govtransformationexchange.org XSS vulnerability
Open Bug Bounty ID: OBB-681436; Affected Website: govtransformationexchange.org; Vulnerable Application: Proud City WordPress Theme; Vulnerability Type: XSS (Cross-Site Scripting) / CWE-79; CVSSv...
cityofportorchard.us XSS vulnerability
Open Bug Bounty ID: OBB-681427; Affected Website: cityofportorchard.us; Vulnerable Application: Proud City WordPress Theme; Vulnerability Type: XSS (Cross-Site Scripting) / CWE-79; CVSSv3 Score:...
george-west-tx.proudcity.com XSS vulnerability
Open Bug Bounty ID: OBB-681416; Affected Website: george-west-tx.proudcity.com; Vulnerable Application: Proud City WordPress Theme; Vulnerability Type: XSS (Cross-Site Scripting) / CWE-79; CVSSv3...
elgl.org XSS vulnerability
Open Bug Bounty ID: OBB-681400; Affected Website: elgl.org; Vulnerable Application: Proud City WordPress Theme; Vulnerability Type: XSS (Cross-Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
westcarrollton.org XSS vulnerability
Open Bug Bounty ID: OBB-681399; Affected Website: westcarrollton.org; Vulnerable Application: Proud City WordPress Theme; Vulnerability Type: XSS (Cross-Site Scripting) / CWE-79; CVSSv3 Score: 6...
colma.ca.gov XSS vulnerability
Open Bug Bounty ID: OBB-681373; Affected Website: colma.ca.gov; Vulnerable Application: Proud City WordPress Theme; Vulnerability Type: XSS (Cross-Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
BBE theme for WordPress HTML editor vulnerability
BBE theme for WordPress is a theme plugin for the WordPress platform. A security vulnerability exists in BBE theme for WordPress versions prior to 1.53. An attacker can exploit the vulnerability to launch the HTML editor directly...
CVE-2017-1000227
Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can...
Salutation Responsive < 3.0.16 - Stored XSS
The parallelus-salutation WordPress theme was affected by a Stored XSS security vulnerability...
Multiple Vulnerabilities in Wordpress Themes Qualifire
WordPress is a blogging platform developed using the PHP language that allows users to set up their weblogs on servers that support PHP and MySQL databases. A file upload and cross-site request forgery vulnerability exists in Wordpress Themes Qualifire, which can be exploited by remote attackers ...
WordPress Atahualpa Theme Cross Site Scripting
Cross-Site Scripting in Atahualpa WordPress Theme. Spyros Gasteratos, July 2016...
WordPress Atahualpa Theme Cross Site Request Forgery
Cross-Site Request Forgery in Atahualpa WordPress Theme. Spyros Gasteratos, July 2016...
WordPress ColorWay 3.4.1 Cross Site Scripting
Cross-Site Scripting vulnerability in ColorWay WordPress Theme. Yorick Koster, July 2016...
WordPress Theme Creative Multi-Purpose 9.1.3 - Persistent Cross-Site Scripting
Vendor Homepage: http://bridge.qodeinteractive.com/; Software Link: http://themeforest.net/item/bridge-creative-multipurpose-wordpress-theme/7315054; Version: 9.1.3; Tested on: Debian 8, PHP 5.6.17-3; Type: Stored XSS, Ability to overwrite any theme settings. Timeline: Found 23-Apr-2016, Vendor...