Blog Posts - Cross Site Scripting



WordPress Magic Fields 1 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   -----...
by MondoUnix on Aug 19, 2016

WordPress Magic Fields 2 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   -----...
by MondoUnix on Aug 19, 2016

WordPress Google Maps 2.1.2 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Google Maps WordPress Plugin ------------------------------------------------------------------------ Julien Rentrop, July 2016   ----...
by MondoUnix on Aug 19, 2016

WordPress Welcome Announcement 1.0.5 Cross Site Scripting

##################### # Exploit Title: Wordpress Welcome Announcement Cross Site Scripting # Exploit Author: bl4ck_mohajem # Vendor Homepage: https://wordpress.org/plugins/welcome-announcement/ # Tested On: Windows7 # Software Link: https://downloads...
by MondoUnix on Aug 7, 2016

WordPress Store Locator Plus 4.5.09 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Store Locator Plus for WordPress ------------------------------------------------------------------------ Yorick Koster, July 2016   ---------------...
by MondoUnix on Aug 7, 2016

WordPress Neuvoo-Jobroll 2.0 Cross Site Scripting

###################################################################### # Exploit Title: Wordpress plugin neuvoo-jobroll 2.0 Reflected Cross-Site Scripting (RXSS) # Date: 05/11/2015 # Author: Mickael Dorigny @ Synetis # Vendor or Software Link: http:/...
by MondoUnix on Nov 6, 2015

WordPress Events Made Easy 1.5.49 CSRF / XSS

Plugin link: https://wordpress.org/plugins/events-made-easy/ Active Installs: 10,000+ Version tested: 1.5.49 CVE Reference: Waiting Original advisory: https://www.davidsopas.com/events-made-easy-wordpress-plugin-csrf-persistent-xss/   Events Mad...
by MondoUnix on Nov 1, 2015

WordPress arcResBookingWidget 1.0 Cross Site Scripting

Title: WordPress 'arcResBookingWidget' Plugin Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/arcres-booking-engine/ - https://plugins.svn.wordpress.org/arcres-booking-e...
by MondoUnix on Aug 31, 2015

WordPress Advertisement Management 1.0 Cross Site Scripting

Title: WordPress 'Advertisement Management' Plugin Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/advertisement-management/ - https://plugins.svn.wordpress.org/advertis...
by MondoUnix on Aug 31, 2015

WordPress Flickr Justified Gallery 3.3.6 Cross Site Scripting

Details ================ Software: Flickr Justified Gallery Version: 3.3.6 Homepage: https://wordpress.org/plugins/flickr-justified-gallery/ Advisory report: https://security.dxw.com/advisories/reflected-xss-in-flickr-justified-gallery-could-allows-u...
by MondoUnix on Aug 31, 2015

WordPress F/T/G Social Widgets 1.3.7 Cross Site Scripting

Title: WordPress 'Facebook, Twitter & Google+ Social Widgets' Plugin Version: 1.3.7 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-15 Download: - https://wordpress.org/plugins/facebook-twitter-google-social-widgets/ - http...
by MondoUnix on Aug 31, 2015

WordPress Advance Categorizer 0.3 Cross Site Scripting

Title: WordPress 'Advance Categorizer' Plugin Version: 0.3 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-24 Download: - https://wordpress.org/plugins/advance-categorizer/ - https://plugins.svn.wordpress.org/advance-categorize...
by MondoUnix on Aug 31, 2015

WordPress Google Plus One Button By KMS 1.5.0 CSRF / XSS

Title: WordPress 'Google 'Plus one' Button by kms' Plugin Version: 1.5.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/google-plus-one-button-by-kms/ - https://plugins.svn.wordpres...
by MondoUnix on Aug 31, 2015

WordPress Ads In Bottom Right 1.0 Cross Site Scripting

Title: WordPress 'Ads in bottom right' Plugin Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/ads-in-bottom-right/ - https://plugins.svn.wordpress.org/ads-in-bottom-righ...
by MondoUnix on Aug 31, 2015

WordPress Author Manager 1.0 Cross Site Scripting

Title: WordPress 'Author Manager' Plugin Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/author-manager/ - https://plugins.svn.wordpress.org/author-manager/ Notified Ven...
by MondoUnix on Aug 31, 2015

WordPress 1-Click Retweet/Share/Like 5.2 Cross Site Scripting

Title: WordPress '1-click Retweet/Share/Like' Plugin Version: 5.2 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-21 Download: - https://wordpress.org/plugins/1-click-retweetsharelike/ - https://plugins.svn.wordpress.org/1-clic...
by MondoUnix on Aug 31, 2015

WordPress Chief Editor 3.6.1 Cross Site Scripting

Title: WordPress 'Chief Editor' Plugin Version: 3.6.1 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-17 Download: - https://wordpress.org/plugins/chief-editor/ - https://plugins.svn.wordpress.org/chief-editor/ Notified Vendor/...
by MondoUnix on Aug 31, 2015

WordPress Default Facebook Thumbnails 0.4 Cross Site Scripting

Title: WordPress 'Default Facebook Thumbnails' Plugin Version: 0.4 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-13 Download: - https://wordpress.org/plugins/default-facebook-thumbnail/ - https://plugins.svn.wordpress.org/def...
by MondoUnix on Aug 31, 2015

WordPress Content Grabber 1.0 Cross Site Scripting

Title: WordPress 'Content Grabber' Plugin Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-14 Download: - https://wordpress.org/plugins/content-grabber/ - https://plugins.svn.wordpress.org/content-grabber/ Notified...
by MondoUnix on Aug 31, 2015

WordPress YouTube Embed plugin Stored XSS

  Details ================ Software: YouTube Embed Version: 3.3.2 Homepage: https://wordpress.org/plugins/youtube-embed/ CVE ID: CVE-2015-6535 (Pending) CWE ID: CWE-79 CVSS: 5.5 (Medium; AV:N/AC:L/Au:S/C:P/I:P/A:N)   Description ===========...
by MondoUnix on Aug 27, 2015


Trending Topics

Close