Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-8842

Malware in sbrugna...

4.3CVSS5.9AI score0.11897EPSS
Exploits5References4
NVD
NVD
added 2019/11/06 9:15 p.m.22 views

CVE-2014-9013

The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmpppajaxcall with an execution target of wpinsertuser...

8.8CVSS8.5AI score0.47867EPSS
Exploits5References1
NVD
NVD
added 2019/11/06 9:15 p.m.17 views

CVE-2014-9014

Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. dot dot in the file parameter...

4.3CVSS4.4AI score0.11897EPSS
Exploits5References2
Prion
Prion
added 2019/11/06 9:15 p.m.16 views

Design/Logic Flaw

The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmpppajaxcall with an execution target of wpinsertuser...

6.5CVSS7.2AI score0.47867EPSS
Exploits5References1Affected Software1
Prion
Prion
added 2019/11/06 9:15 p.m.14 views

Directory traversal

Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. dot dot in the file parameter...

4CVSS6.7AI score0.11897EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2019/11/06 8:34 p.m.28 views

CVE-2014-9013

The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmpppajaxcall with an execution target of wpinsertuser...

8.6AI score0.47867EPSS
Exploits5References1
CVE
CVE
added 2019/11/06 8:34 p.m.141 views

CVE-2014-9013

Summary: CVE-2014-9013 affects the WordPress WP Marketplace plugin (version 2.4.0) and is triggered via the ajaxinit function in wpmarketplace/libs/cart.php. The vulnerability allows remote authenticated users to call wpmp_pp_ajax_call and, through the execution target wp_insert_user or related c...

8.8CVSS8.4AI score0.47867EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2019/11/06 8:34 p.m.26 views

CVE-2014-9014

Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. dot dot in the file parameter...

4.7AI score0.11897EPSS
Exploits5References2
CVE
CVE
added 2019/11/06 8:34 p.m.121 views

CVE-2014-9014

The CVE-2014-9014 entry corresponds to a directory traversal vulnerability in WP Marketplace (WordPress plugin) before 2.4.1. An authenticated user could exploit an improper file parameter handling in wpmarketplace/libs/cart.php (ajaxinit) to download arbitrary files via a .. path traversal. Publ...

4.3CVSS5.9AI score0.11897EPSS
Exploits5References2Affected Software1
WPVulnDB
WPVulnDB
added 2016/10/14 12:0 a.m.13 views

WP Marketplace - Arbitrary File Upload

The wpmarketplace WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

2.8AI score
Exploits0References2Affected Software1
0day.today
0day.today
added 2015/03/21 12:0 a.m.50 views

Wordpress WP Marketplace 2.4.0 Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: WP Marketplace 2.4.0 Arbitrary File Download Date: 26-10-2014 Software Link: https://wordpress.org/plugins/wpmarketplace/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/...

6.5AI score0.47867EPSS
Exploits6
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.7 views

WP Marketplace 1.1.0 - Shell Upload

The wp-marketplace WordPress plugin was affected by a Shell Upload security vulnerability...

1.8AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2012/06/05 12:0 a.m.15 views

Wordpress WP Marketplace Plugin 1.5.0 - 1.6.1 Arbitrary File Upload

Exploit for php platform in category web applications Description : Wordpress Plugins - WP Marketplace Shell Upload Vulnerability Version : 1.5.0 - 1.6.1 Link : http://wordpress.org/extend/plugins/wpmarketplace/ Plugins : http://downloads.wordpress.org/plugin/wpmarketplace.zip Date : 26-05-2012...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/09/19 12:0 a.m.37 views

WordPress Plugin timthumb.php Shell Upload

Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2011/09/19 12:0 a.m.57 views

Multiple WordPress Plugins - 'timthumb.php' File Upload

Exploit Title: Multiple Wordpress timthumb.php reuse vulnerabilities Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing --- Description --- The following Wordpress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file...

7.4AI score
Exploits0
Rows per page
Query Builder