Blog Posts - Wp-content



WordPress Magic Fields 1 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   -----...
by MondoUnix on Aug 19, 2016

WordPress Magic Fields 2 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   -----...
by MondoUnix on Aug 19, 2016

WordPress Google Maps 2.1.2 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Google Maps WordPress Plugin ------------------------------------------------------------------------ Julien Rentrop, July 2016   ----...
by MondoUnix on Aug 19, 2016

WordPress Welcome Announcement 1.0.5 Cross Site Scripting

##################### # Exploit Title: Wordpress Welcome Announcement Cross Site Scripting # Exploit Author: bl4ck_mohajem # Vendor Homepage: https://wordpress.org/plugins/welcome-announcement/ # Tested On: Windows7 # Software Link: https://downloads...
by MondoUnix on Aug 7, 2016

WordPress Store Locator Plus 4.5.09 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Store Locator Plus for WordPress ------------------------------------------------------------------------ Yorick Koster, July 2016   ---------------...
by MondoUnix on Aug 7, 2016

WP Fastest Cache 0.8.4.8 Blind SQL Injection

# Exploit Title: WP Fastest Cache 0.8.4.8 Blind SQL Injection # Date: 11-11-2015 # Software Link: https://wordpress.org/plugins/wp-fastest-cache/ # Exploit Author: Kacper Szurek # Contact: http://twitter.com/KacperSzurek # Website: http://security.sz...
by MondoUnix on Nov 13, 2015

WordPress Neuvoo-Jobroll 2.0 Cross Site Scripting

###################################################################### # Exploit Title: Wordpress plugin neuvoo-jobroll 2.0 Reflected Cross-Site Scripting (RXSS) # Date: 05/11/2015 # Author: Mickael Dorigny @ Synetis # Vendor or Software Link: http:/...
by MondoUnix on Nov 6, 2015

WordPress Events Made Easy 1.5.49 CSRF / XSS

Plugin link: https://wordpress.org/plugins/events-made-easy/ Active Installs: 10,000+ Version tested: 1.5.49 CVE Reference: Waiting Original advisory: https://www.davidsopas.com/events-made-easy-wordpress-plugin-csrf-persistent-xss/   Events Mad...
by MondoUnix on Nov 1, 2015

WordPress Pie Register 2.0.18 SQL Injection

Details ================ Software: Pie Register Version: 2.0.18 Homepage: https://github.com/GTSolutions/Pie-Register CVE: CVE-2015-7682 (Pending) CVSS: 3.5 (Low; AV:N/AC:M/Au:S/C:P/I:N/A:N) CWE: CWE-89   Description ================ Two blind S...
by MondoUnix on Nov 1, 2015

WordPress Font 7.5 Path Traversal

Details ================ Software: Font Version: 7.5 Homepage: https://wordpress.org/plugins/font/ CVE: CVE-2015-7683 (Pending) CVSS: 6.3 (Medium; AV:N/AC:M/Au:S/C:C/I:N/A:N) CWE: CWE-22   Description ================ An absolute path traversal...
by MondoUnix on Nov 1, 2015

Cara Reset Blackberry ID BBM Saat Lupa Password

Cara Reset Blackberry ID BBM Saat Lupa Password – Bagi anda para pengguna ponsel Blackberry, pastinya anda memiliki akun blackberry ID atau pun ID BBM pada ponsel blackberry anda. Nah dikesempatan kali ini saya akan memberikan sebuah Cara Reset...
by Manuaisescolares on Oct 15, 2015

WordPress arcResBookingWidget 1.0 Cross Site Scripting

Title: WordPress 'arcResBookingWidget' Plugin Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/arcres-booking-engine/ - https://plugins.svn.wordpress.org/arcres-booking-e...
by MondoUnix on Aug 31, 2015

WordPress Advertisement Management 1.0 Cross Site Scripting

Title: WordPress 'Advertisement Management' Plugin Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/advertisement-management/ - https://plugins.svn.wordpress.org/advertis...
by MondoUnix on Aug 31, 2015

WordPress Flickr Justified Gallery 3.3.6 Cross Site Scripting

Details ================ Software: Flickr Justified Gallery Version: 3.3.6 Homepage: https://wordpress.org/plugins/flickr-justified-gallery/ Advisory report: https://security.dxw.com/advisories/reflected-xss-in-flickr-justified-gallery-could-allows-u...
by MondoUnix on Aug 31, 2015

WordPress F/T/G Social Widgets 1.3.7 Cross Site Scripting

Title: WordPress 'Facebook, Twitter & Google+ Social Widgets' Plugin Version: 1.3.7 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-15 Download: - https://wordpress.org/plugins/facebook-twitter-google-social-widgets/ - http...
by MondoUnix on Aug 31, 2015

WordPress Advance Categorizer 0.3 Cross Site Scripting

Title: WordPress 'Advance Categorizer' Plugin Version: 0.3 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-24 Download: - https://wordpress.org/plugins/advance-categorizer/ - https://plugins.svn.wordpress.org/advance-categorize...
by MondoUnix on Aug 31, 2015

WordPress Google Plus One Button By KMS 1.5.0 CSRF / XSS

Title: WordPress 'Google 'Plus one' Button by kms' Plugin Version: 1.5.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/google-plus-one-button-by-kms/ - https://plugins.svn.wordpres...
by MondoUnix on Aug 31, 2015

WordPress Ads In Bottom Right 1.0 Cross Site Scripting

Title: WordPress 'Ads in bottom right' Plugin Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/ads-in-bottom-right/ - https://plugins.svn.wordpress.org/ads-in-bottom-righ...
by MondoUnix on Aug 31, 2015

WordPress Author Manager 1.0 Cross Site Scripting

Title: WordPress 'Author Manager' Plugin Version: 1.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/author-manager/ - https://plugins.svn.wordpress.org/author-manager/ Notified Ven...
by MondoUnix on Aug 31, 2015

WordPress 1-Click Retweet/Share/Like 5.2 Cross Site Scripting

Title: WordPress '1-click Retweet/Share/Like' Plugin Version: 5.2 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-21 Download: - https://wordpress.org/plugins/1-click-retweetsharelike/ - https://plugins.svn.wordpress.org/1-clic...
by MondoUnix on Aug 31, 2015


Trending Topics

Close