Outdated VRView Library Used, Leading to Reflected XSS
The vrview = 1.1.3 and wp-vr-view = 1.6 plugins are using an outdated version of the VRView library 2.0.2, which is affected by a reflected cross-site scripting issue. The PoC will be displayed once the issue has been remediated...
Simple Slideshow Manager <= 2.3 – Multiple Vulnerabilities
The Simple Slideshow Manager WordPress plugin was affected by multiple security vulnerabilities. 3.1 Cross-Site Scripting. Vulnerable Function: echo. Vulnerable Variable: $_GET['name']. Vulnerable URL: http://www.vulnerablesite.com/wp-admin/admin.php?page=Acurax-Slideshow-AddImages&name="alert42 3.2 Cross-Site...
WA Form Builder 1.1 - Unauthenticated SQL Injection
$_POST['waformsId'] is not escaped. WAFormBuilderuioutput is accessible to any user...
wordpress vertical image slider plugin < 1.2 - Cross-Site Scripting & CSRF
The lack of a CSRF check and of sanitisation could allow attackers to perform a Cross-Site Scripting attack against a logged-in administrator, as well as upload arbitrary files. XSS via CSRF: alert"XSS"' alert"XSS"' setTimeout'form1.submit', 1; Upload file via CSRF:...
Yet Another Related Posts Plugin (YARPP) 4.2.4 - CSRF / XSS / RCE
'Yet Another Related Posts Plugin' options can be updated without token/nonce protection, which an attacker may exploit by tricking the website's administrator into visiting a malformed page that changes YARPP options; since some options allow HTML, the attacker is able to inject malformed...
SP Project & Document Manager <= 2.5.3 - Blind SQL Injection
The SP Project & Document Manager WordPress plugin was affected by a Blind SQL Injection security vulnerability. http://www.example.com/wp-content/plugins/sp-client-document-manager/ajax.php?function=thumbnails&pid=SQLi...
Real Estate by Templatic - CSRF File Upload
The realestate WordPress theme was affected by a Templatic Theme CSRF File Upload security vulnerability. File Access: https://example.com/wp-content/themes/Realestate/images/tmp/yourshell.php...
Freemius Library < 2.2.4 - Subscriber+ Arbitrary Option Update
The library, used in numerous plugins, does not have proper authorisation checks when updating blog options, allowing any authenticated user, such as a subscriber, to update arbitrary options. As any authenticated user: Enable new user registrations:...
Ajax Store Locator <= 1.2 - Remote SQL Injection
The ajax-store-locator WordPress plugin was affected by a Remote SQL Injection security vulnerability. http://www.example.com/wordpress/wp-admin/admin-ajax.php?action=sldalsearchlocation&funMethod=SearchStore&Location=Social&StoreLocation=11 AND SELECT FROM SELECTSLEEP10LCKZ...