Lucene search
K

212 matches found

Exploit DB
Exploit DB
added 2013/01/22 12:0 a.m.28 views

WordPress Plugin Developer Formatter - Cross-Site Request Forgery

==================================================================================================================== Exploit Title: Wordpress Developer Formatter CSRF Vulnerability Google Dork: inurl:devformatter/devformatter.php Date: 21/01/13 Author: Junaid Hussain - illSecure Research Group -...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2012/12/17 12:0 a.m.194 views

WordPress Portable phpMyAdmin Plugin 'wp-pma-mod' Security Bypass Vulnerability

WordPress Portable phpMyAdmin Plugin is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.4AI score0.23745EPSS
Exploits6References7
0day.today
0day.today
added 2012/09/22 12:0 a.m.34 views

WordPress 3.4.2 Cross Site Request Forgery

Exploit for php platform in category web applications ============================================================ Vulnerable Software: WordPress Version 3.4.2 Downloaded from: http://wordpress.org/latest.zip MD5SUM: d670508d81e2fd060c2041441bc03300 wordpress-3.4.2.zip...

7.1AI score
Exploits0
OSV
OSV
added 2011/08/10 9:55 p.m.10 views

CVE-2011-3128

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php...

6.2AI score
Exploits0References6
securityvulns
securityvulns
added 2009/03/12 12:0 a.m.46 views

[ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability

============================================= INTERNET SECURITY AUDITORS ALERT 2009-004 - Original release date: December 3rd, 2008 - Last revised: March 10th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.3/10 CVSS scored ============================================= I. VULNERABILITY...

6.6AI score
Exploits0
OSV
OSV
added 2007/08/03 8:17 p.m.9 views

CVE-2007-4154

SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the pageoptions parameter to 1 options-general.php, 2 options-writing.php, 3 options-reading.php, 4 options-discussion.php, 5 options-privacy.php, 6...

7.8AI score
Exploits0References4
seebug.org
seebug.org
added 2007/04/04 12:0 a.m.58 views

Wordpress 2.1.2 (xmlrpc) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w Wordpress 2.1.2 SQL Injection POC Credits: [email protected] Thanks to ferruh [email protected] improving my exploitation skills website:www.notsosecure.com Wordpress version 2.1.2 is vulnerable to sql injection. This POC works when...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2006/09/13 10:7 p.m.30 views

CVE-2006-4743

WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct request for 1 404.php, 2 akismet.php, 3 archive.php, 4 archives.php, 5 attachment.php, 6 blogger.php, 7 comments.php, 8 comments-popup.php, 9 dotclear.php, 10 footer.php, 11 functions.php, 12...

5CVSS6AI score0.02411EPSS
Exploits0References1
OSV
OSV
added 2006/03/03 11:2 a.m.10 views

CVE-2006-0986

WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to 1 default-filters.php, 2 template-loader.php, 3 rss-functions.php, 4 locale.php, 5 wp-db.php, and 6 kses.php in the wp-includes/ directory; and 7 edit-form-advanced.php, 8...

4.9AI score
Exploits0References8
OSV
OSV
added 2005/07/05 4:0 a.m.10 views

CVE-2005-2109

wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use...

6.6AI score
Exploits0References4
Exploit DB
Exploit DB
added 2004/12/16 12:0 a.m.22 views

WordPress Core 1.2.1/1.2.2 - 'link-manager.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/11984/info Wordpress is reported vulnerable to multiple cross-site scripting, HTML injection, and SQL injection vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied data. The cross-site scripting and HTML injection issue...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/28 12:0 a.m.37 views

WordPress < 1.2.2 Multiple XSS

The remote version of WordPress is vulnerable to cross-site scripting attacks due to a failure of the application to properly sanitize user- supplied URI input. As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be...

4.3CVSS5.4AI score0.06465EPSS
Exploits1References2
Rows per page
Query Builder