Vanilla Forum Tagging Plug-In Enchanced 1.0.1 Stored XSS
# Title: Vanilla Tagging Enchanced 1.0.1 Stored XSS # Date: 1/6/12 # Author: Henry Hoggard # Author URL: henryhoggard.co.uk # Author Twitter: @henryhoggard # Software: Vanilla Version 2.0.18.4 +...
View ArticlePyroCMS 2.1.1 CRLF Injection / Stored Cross Site Scripting
PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability Vendor: HappyNinjas Ltd Product web page: http://www.pyrocms.com Affected version: 2.1.1 (Community) Summary: PyroCMS is a CMS built using...
View ArticleWordPress Spider Event Calendar Multiple Vulnerabilities
Author: Janek Vind "waraxe" Date: 22. May 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-104.html Description of vulnerable software:...
View ArticleWordPress Spider Catalog Multiple Vulnerabilities
Author: Janek Vind "waraxe" Date: 22. May 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-105.html Description of vulnerable software:...
View ArticleTP-LINK WDR4300 – Stored XSS & DoS
Advisory Information =============== Vendors Contacted: TP-LINK Vendor Patched: Yes, Firmware 140916 System Affected: N750 Wireless Dual Band Gigabit Router (TL-WDR4300), might affect others....
View ArticleZyXEL SBG-3300 Security Gateway Stored Server XSS
######################################## #Vulnerability Title: Stored Server XSS in ZyXEL SBG-3300 Security Gateway #Date: 02/10/2014 #CVE-ID: CVE-2014-7277 #Product: ZyXEL SBG3300-N series #Vendor:...
View ArticleWordPress Simple Visitor Stat Cross Site Scripting
Title: WordPress 'Simple Visitor Stat' plugin - Stored XSS Reported by: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2014/12/12 Download: https://wordpress.org/plugins/simple-visitor-stat/...
View ArticleWordPress gSlideShow 0.1 CSRF / XSS
************************************************************************************** # Title: CSRF / Stored XSS Vulnerability in gSlideShow Wordpress Plugin # Author: Manideep K # CVE-ID: CVE...
View ArticleWordPress SimpleFlickr 3.0.3 CSRF / XSS
************************************************************************************** # Title: CSRF / Stored XSS Vulnerability in SimpleFlickr Wordpress Plugin # Author: Manideep K # CVE-ID:...
View ArticleWordPress twimp-wp Cross Site Request Forgery / Cross Site Scripting
# Title: CSRF / Stored XSS Vulnerability in twimp-wp Plugin # Author: Manideep K # CVE-ID: CVE-2014-9397 # Plugin Homepage: https://wordpress.org/plugins/twimp-wp/ # Version Affected: (probably lower...
View ArticleWordPress Simplelife 1.2 CSRF / XSS
************************************************************************************** # Title: CSRF / Stored XSS Vulnerability in Simplelife Wordpress Plugin # Author: Manideep K # CVE-ID:...
View ArticleWordPress Twitter LiveBlog 1.1.2 CSRF / XSS
# Title: CSRF / Stored XSS Vulnerability in Twitter LiveBlog Wordpress Plugin # Author: Manideep K # CVE-ID: CVE-2014-9398 # Plugin Homepage: https://wordpress.org/plugins/twitter-liveblog/ # Version...
View ArticleWordPress TweetScribe 1.1 CSRF / XSS
************************************************************************************** # Title: CSRF / Stored XSS Vulnerability in TweetScribe Wordpress Plugin # Author: Manideep K # CVE-ID:...
View ArticleWordPress WP Limit Posts Automatically 0.7 CSRF / XSS
# Title: CSRF / Stored XSS Vulnerability in WP Limit Posts Automatically Wordpress Plugin # Author: Manideep K # cve-id: CVE-2014-9401 # Plugin Homepage:...
View ArticleWordPress WP Unique Article Header Image 1.0 CSRF / XSS
************************************************************************************** # Title: CSRF / Stored XSS Vulnerability in WP Unique Article Header Image Wordpress Plugin # Author: Manideep K...
View ArticleWordPress Simple Security Plugin XSS vulnerabilities
Advisory ID: HTB23244 Product: Simple Security WordPress Plugin Vendor: MyWebsiteAdvisor Vulnerable Version(s): 1.1.5 and probably prior Tested Version: 1.1.5 Advisory Publication: December 17, 2014...
View ArticleWordPress Church Admin 0.800 Cross Site Scripting
# Exploit Title: Wordpress church_admin Stored XSS # Date: 21-04-2015 # Exploit Author: woodspeed # Vendor Homepage: https://wordpress.org/plugins/church-admin/ # Version: 0.800 # OSVDB ID :...
View ArticleWordPress Download Manager Free 2.7.94 / Pro 4 XSS
# WordPress Download Manager Free 2.7.94 & Pro 4 Authenticated Stored XSS # Vendor Homepage: http://www.wpdownloadmanager.com # Software Link: https://wordpress.org/plugins/download-manager #...
View ArticleWordPress YouTube Embed plugin Stored XSS
Details ================ Software: YouTube Embed Version: 3.3.2 Homepage: https://wordpress.org/plugins/youtube-embed/ CVE ID: CVE-2015-6535 (Pending) CWE ID: CWE-79 CVSS: 5.5 (Medium;...
View Article
