384 matches found
CVE-2017-5612
Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt...
CVE-2017-5610
wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms...
Ian Dunn: HTML injection-WordCamp Talks plugin
This report was about the possibility of injecting malicious HTML into wp-admin via comments on the talks post type. Examples of malicious input were: The report suggested that this input could be used in phishing attacks, since the images would be displayed in wp-admin, where an administrator migh...
CVE-2016-7169
Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenticated users to access arbitrary files via a crafted urlholder parameter...
CVE-2016-7169
CVE-2016-7169 is a directory-traversal vulnerability in WordPress prior to 4.6.1. The flaw resides in the File_Upload_Upgrader class (wp-admin/includes/class-file-upload-upgrader.php) of the upgrade package uploader, allowing remote authenticated users to access arbitrary files via a crafted urlh...
CVE-2016-6635
Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress before 4.5 allows remote attackers to hijack the authentication of administrators for requests that change the script compression option...
WordPress Selected Text Sharer 1.0 CSRF / XSS
==================== + Exploit Title : WP Selected Text Sharer CSRF/XSS + Exploit Author : bl4ckmohajem + Date : 2015/09/24 + Version : 1.0 + Tested on : Elementary OS + Vendor Homepage : http://www.aakashweb.com/wordpress-plugins/wp-selected-text-sharer/...
Ian Dunn: User enumeration in wp-admin
Hi, I have found that on the wp-admin page it is possible to perform user enumeration through differences in error messages: if the user exists, the site will return: "ERROR: The password you entered for the username admin is incorrect." If the user does not exist: Invalid username...
WordPress Live Chat Support 6.2.00 Cross Site Scripting
------------------------------------------------------------------------ Persistent Cross-Site Scripting in WP Live Chat Support plugin ------------------------------------------------------------------------ Han Sahin, July 2016...
CVE-2016-5833
CVE-2016-5833 is a cross-site scripting (XSS) vulnerability in WordPress affecting WordPress core prior to 4.5.3. The issue resides in the column_title function of wp-admin/includes/class-wp-media-list-table.php, which allows remote attackers to inject arbitrary script or HTML via a crafted attac...
WordPress <= 4.5.2 - Session Hijacking
This vulnerability allows an attacker to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php. Solution: Update WordPress...
WordPress <= 4.5.2 - XSS #2
WordPress 4.5.2 and previous versions are prone to a cross-site scripting vulnerability in the column_title function in wp-admin/includes/class-wp-media-list-table.php. It allows an attacker to inject arbitrary web script or HTML via a crafted attachment name. Related:...
CVE-2016-1564
Multiple cross-site scripting (XSS) vulnerabilities in wp-includes/class-wp-theme.php in WordPress before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a (1) stylesheet name or (2) template name to wp-admin/customize.php...
Sola Support Ticket <= 3.12 - XSS & Configuration Change
Any logged-in user, with any role and any form of access to wp-admin, can update plugin settings, including allowing HTML to be parsed. One can also change any notification message to include JS, which can then be used to obtain information by forgery. Make a POST request to /wp-admin with parameters...
WordPress Sola Support Ticket Plugin <= 3.12 - Multiple Vulnerabilities
Any logged-in user with access to wp-admin can update settings, allowing HTML to be parsed. As a result, information can be obtained. Solution: Update the plugin...
Directory traversal
Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the tab parameter in the gd-bbpress-attachments page to wp-admin/edit.php...