CVE-2008-1059

The CVE-2008-1059 issue affects WordPress Sniplets plugin (versions 1.1.2 and 1.2.2). It is a PHP remote file inclusion in modules/syntax_highlight.php that allows an attacker to execute arbitrary PHP code via the libpath URL parameter. This can lead to remote code execution and potential comprom...

CVE-2008-1061

The CVE-2008-1061 issue affects WordPress Sniplets plugin versions 1.1.2 and 1.2.2, where XSS can be triggered via the text parameter to warning.php, notice.php, and inset.php (in view/sniplets/), possibly modules/execute.php; via the url parameter to view/admin/submenu.php; and via the page para...

CVE-2008-1060

The CVE affects the Sniplets WordPress plugin, specifically versions 1.1.2 and 1.2.2, where an eval injection in modules/execute.php allows remote attackers to execute arbitrary PHP code via the text parameter. This results in remote code execution with the webserver user’s privileges, aligning w...