wordpress

1931 items tagged "wordpress"

Related tags: third party [+], forgery [+], content [+], vulnerability [+], zingiri [+], sql query [+], rokbox [+], cross site scripting [+], video [+], twentyten [+], rockettheme [+], plus [+], photo [+], exploits [+], cross [+], asset manager [+], vulnerability note [+], wp property [+], stack trace [+], slider [+], search version [+], phpmyadmin [+], photo search [+], manager [+], gmail [+], gallery [+], form [+], firestorm [+], facebook [+], authentication [+], web shop [+], survey [+], port scanner [+], port [+], plugins [+], plg [+], pingback [+], php [+], path [+], nest [+], malicious user [+], madebymilk [+], kontem [+], arbitrary code execution [+], sql [+], web [+], yaren [+], xml rpc [+], xerte [+], wp realty [+], weddingsatwork [+], webplayer [+], vulnerabilities [+], valums [+], total [+], toolbox [+], timelinejs [+], tema [+], starmark [+], sql queries [+], shopping cart [+], shopping [+], shai [+], service path [+], saul theme [+], saul sql [+], saul [+], sahifa [+], reflex [+], real [+], plugin version [+], password hashes [+], package [+], onlinedata [+], online [+], oberliga [+], nuweb [+], novana [+], newstimes [+], newsletter [+], nest sql [+], myflash [+], myadmin [+], malmonation [+], interface [+], gallery 1 [+], fs real estate [+], forum [+], error condition [+], denial of service [+], dailyedition mouss [+], dailyedition [+], cstardesign [+], clockstone [+], cart [+], cache data [+], cache [+], buddypress [+], box [+], asm [+], party plugin [+], web applications [+], sql injection [+], vuln [+], url [+], theme id [+], search parameter [+], professional real estate [+], professional [+], php script [+], new [+], multiple [+], magazine [+], full [+], directory traversal [+], asset [+], abc [+], remote shell [+], file upload [+], wordpress themes [+], zarzadzonie [+], wp useronline [+], wp basketball [+], wordfence [+], widget [+], video gallery [+], user manager [+], user [+], ungallery [+], syntax highlighter [+], syntax [+], studiocirmes [+], spider catalog [+], spider [+], seo [+], security vulnerabilities [+], security [+], remote file include vulnerability [+], random image [+], pretty [+], portable [+], poll [+], player plugin [+], player [+], pica [+], photo gallery [+], photo album [+], path parameter [+], nest theme [+], manager plugin [+], magic [+], link [+], jetpack [+], information disclosure vulnerability [+], image store [+], grand [+], flv player [+], flv [+], finalist [+], eshop [+], dx contribute [+], default theme [+], default [+], custom [+], css [+], cron [+], crayon [+], counter [+], command execution [+], cms [+], cimy [+], catalog html [+], catalog [+], calendar [+], button [+], bugtraq [+], bookings [+], basketball [+], arribalaesteban [+], arbitrary command [+], album gallery [+], album [+], advanced [+], disclosure [+], themes [+], shell [+], plugin [+], uploader [+], upload [+], injection [+], file [+], theme [+], inclusion [+], simple [+], zotpress, z vote, z category, yt audio, yolink, yoast, yass, yahoo, xss, xsrfleakage, xmlrpc, xml, xinha, x.x, wysiwyg, wysi, wptouch, wpstorecart, wpscan, wpsc mijnpress, wpsc, wphone, wpeasystats, wpbruteforcer, wp starsratebox, wp spamfree, wp recaptcha, wp predict, wp forum, wp filebase, wp facethumb, wp cumulus, wp admin, wordpress plugins, wordpress plugin, with, wire, widgets, whois search, whois, white label, white, wellington new zealand, wellington, welcomizer, website faq, website, webinar, webapps, web script, vulnerability scanner, vote, vodpod video, vodpod, viva thumbs, vitamin, videox, videowhisper, video presentation, video conference, version 6, version, verification, users, url redirection, url parameter, uri redirection, upm polls, upm, uploadify, update, unspecified, unauthorized access, ultimate, ugc, ucan, txt, twsl, tweet, tuner, tune library, tune, traversal, trashed, track, traces, topbar, top quark, top, tool, token, tinymce, timthumb, tierra, tickets, thumbnail gallery, thumbnail, threewp, thinkun, themecity, thecartpress, text widget, text, testimonials, template, tdo, targeted, tagninja, tagid, tagged, taggator, tag, tackles, symposium, swfupload, swf, super, suffers, subscribe, submissions, subject field, style version, stored, stat, star rating, star, spoofing, speedy, spam, soundcloud, software plugins, sodahead, socialgrid, social discussions, social, sociable, smooth, slug, slideshow gallery, slideshow, skysa, sites, site5, site, simplemail, simple request, signups, shortcode, shopperpress, shopp, shareyourcart, sharebar, share, sfbrowser, sexy, servers, server vulnerability, server plugin, server, sermonbrowser, seo tools, sendit, security vulnerability, security scanner, security advisory, secure, searchautocomplete, search plugin, search, scripting, script php, script, scorm, schreikasten, scanner, sanitizing, safer use, sabre, s parameter, rss feed reader, rss, roots, rich widget, retired, resume, remote security, remote, remind, relocate, relevanssi, registration, register, reflector, referer, redux, redirection, redirect, redir, recommendations, recipes, recip, recaptcha, read config, read, rbx, rating, rate tracker, rate, quick, question, query field, quark, python, pwwangs, purehtml, publisher, publication archive, publication, proof of concept, promotions, profiles, privacy, print button, print, press, powerhouse museum, powerhouse, postie, post, pollution, polls, policy, poisons, poc, plugin v1, plugin archive, plug in, player 1, placester, picturesurf, phpfreechat, phpbak, php sql, php file upload, photosmash, photoracer, photolog, photoblog, per day, penetration, pdw, pdf, pay, password disclosure, part, pagination, pages, pageflipbook, page promoter, page parameter, page, organizer version, organizer, oqey, optimal internet, optimal, opt in, ops, opengraph, omni, old post, old, official, odihost, notices, notebook, nmedia, nextgen, newsletter manager, news, new zealand, network publisher, network, name, mystat, myldlinker, myeasybackup, museum, munkyscripts, multiple users, multiple file, moodthingy, monsters, monitor, modified version, mini, mingle, mime type, meta version, meta plugin, meta 1, meta, menu creator, menu, memberships, member, meenews, media manager, media categories, media, matt, matrix gallery, math, mass mailing, mass mail, mass, marketplace, market, maps, map, manager version, manager 2, management, malware, majorsecurity, mailing, mail spoofing, mail, magn, magazeen, mac photo, lt 1, login attempts, login, logging utility, localization, local market, local, livesig, livephp, live, listing, list, link library, lim, lightbox, library, lfi, leaguemanager, leaflet, lead management, lazyest, latex, lanoba, label, kses, krea, knr, kish, katalyst, kakao, js appointment, jrss, jquery, job postings, iwantonebutton, ip logger, invit, interface toolkit, integrator, insufficient, instances, input validation vulnerabilities, information disclosure, information, imagezoom, image news, image grid, image gallery, image, igit, iframe, ie7, icopyright, hungred, human, html, htb, ht poi, host, hitasoft, hit, hijack, headers, hashes, hash, hacking, hacker attack, hackaday, guest, grapefile, gpx, google maps, google analytics, google, gold, glossary, global content, global, gigpress, gig calendar, gig, generic, gazette edition, gallery 3, galleries, g lock, function, front, from, foxypress, forum server, forum 1, forms, form php, font, flowplayer, flip book, flip, flick, flexible, flash plugin, flash gallery, flash, flagshow, firestats, fingerprinting, fingerprinter, finder, filedownload, file uploader, feed, featured, feature slideshow, feature, fckeditor, fcchat, fbconnect, faq, fancy, famous, failure, ezpz, extra, extended, exposure, explorer 3, exploit, exit popup, exit, execution, eventify, event registration, event id, event calendar, event, evarisk, enumeration, enable, email spoofing, email newsletter, email, eggallery, effective, editormonkey, editor, eco, easy gallery, easy, e commerce, dynamic, duplicate, dumps, dump, ds faq, drop shell, dreamwork, drag and drop, drag, downloads, download, dotclear, donation, dnd, disclosure policy, directory traversal vulnerability, directory, direct access, diary, denial, deans, ddos, day, database interface, database, dashboard widget, d banner, cve, custom tables, custom content, custom background, cumulus, csv, creator, crawl, couponer, count per day, core module, core, copperleaf, contus, content type, contact forms, contact, configuration file, confetti cannon, conduit, compromised, component versions, component version, communities, commerce, comment, commandeered, command, comicpress, com, collision, codestyling, code shell, code execution, code, cloudsafe, cloud, clickjacking, clickdesk, click, classipress, church admin, china, chenpress, checker, cforms, cevhershare, categories, catablog, cartpress, cardoza, captcha bypass, captcha, calendar script, cache directory, buttons, business listings, business, bulletproof, bsuite, bruteforcer, bruteforce, brute force, brute, box approach, blue, blogs, blog entry, blog, block spam, block, bliss gallery, bliss, blaze, black hole, bitcoin, bezahlcode generator, better, belavir, behavior, beer recipes, beer, bbpress, bash shell script, bash script, basements, bannerize, banner rotator, banner, bad behavior, bad, backwpup, backup, backdoor, automation, automatic, author name, author, audio plugin, audio path, audio gallery, audio, auctions, attackers, attack, associate, article, archive, architecture, archin, arbitrary web, arbitrary files, arbitrary, appointment, application, app, answer, annu, annonces, analytics, analyticator, amazon associate, amazon, allwebmenus, allmedias, alert, albums, akismet, ajax, age verification, age, aes edition, adwizz, advertizer, adrotate, administrative username, administrative panel, adminimize, admin panel, admin, action parameter, accept, abuse, abtest, absolute privacy, abc test, Tools, Related, Discussions, Community, Bugs, 3d cubes

Skip to page: 1 2 3 ... 8

January 04, 2013
0:00
Vuln: WordPress Cimy User Manager Plugin Arbitrary File Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

WordPress Cimy User Manager Plugin Arbitrary File Disclosure Vulnerability
Tags: wordpress cimy user vulnerability disclosure user-manager

January 03, 2013
16:22
WordPress Valums Uploader Shell Upload
» ‎ Packet Storm Security Exploits

The WordPress Valums Uploader plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: uploader valums wordpress remote-shell vulnerability-note

16:22
WordPress Valums Uploader Shell Upload
» ‎ Packet Storm Security Recent Files

The WordPress Valums Uploader plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: uploader valums wordpress remote-shell vulnerability-note

16:22
WordPress Valums Uploader Shell Upload
» ‎ Packet Storm Security Misc. Files

The WordPress Valums Uploader plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: uploader valums wordpress remote-shell vulnerability-note

0:00
Vuln: Wordpress Advanced Custom Fields Plugin 'acf_abspath' Parameter Remote File Include Vulnerability
» ‎ SecurityFocus Vulnerabilities

Wordpress Advanced Custom Fields Plugin 'acf_abspath' Parameter Remote File Include Vulnerability
Tags: custom wordpress advanced remote-file-include-vulnerability

January 02, 2013
21:32
WordPress Xerte Online 0.32 Shell Upload
» ‎ Packet Storm Security Exploits

WordPress Xerte Online plugin version 0.32 suffers from a remote shell upload vulnerability.
Tags: xerte online wordpress remote-shell vulnerability

21:32
WordPress Xerte Online 0.32 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress Xerte Online plugin version 0.32 suffers from a remote shell upload vulnerability.
Tags: xerte online wordpress remote-shell vulnerability

21:32
WordPress Xerte Online 0.32 Shell Upload
» ‎ Packet Storm Security Misc. Files

WordPress Xerte Online plugin version 0.32 suffers from a remote shell upload vulnerability.
Tags: xerte online wordpress remote-shell vulnerability

21:31
WordPress Uploader 1.0.4 Shell Upload
» ‎ Packet Storm Security Exploits

WordPress Uploader plugin version 1.0.4 suffers from a remote shell upload vulnerability.
Tags: uploader shell wordpress remote-shell vulnerability

21:31
WordPress Uploader 1.0.4 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress Uploader plugin version 1.0.4 suffers from a remote shell upload vulnerability.
Tags: uploader shell wordpress remote-shell vulnerability

21:31
WordPress Uploader 1.0.4 Shell Upload
» ‎ Packet Storm Security Misc. Files

WordPress Uploader plugin version 1.0.4 suffers from a remote shell upload vulnerability.
Tags: uploader shell wordpress remote-shell vulnerability

21:29
WordPress ReFlex Gallery 1.3 Shell Upload
» ‎ Packet Storm Security Exploits

WordPress ReFlex Gallery plugin version 1.3 suffers from a remote shell upload vulnerability.
Tags: gallery reflex wordpress remote-shell gallery-1

21:29
WordPress ReFlex Gallery 1.3 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress ReFlex Gallery plugin version 1.3 suffers from a remote shell upload vulnerability.
Tags: gallery reflex wordpress remote-shell gallery-1

21:29
WordPress ReFlex Gallery 1.3 Shell Upload
» ‎ Packet Storm Security Misc. Files

WordPress ReFlex Gallery plugin version 1.3 suffers from a remote shell upload vulnerability.
Tags: gallery reflex wordpress remote-shell gallery-1

21:25
WordPress Shopping Cart 8.1.14 Shell Upload / SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Shopping Cart version 8.1.14 from Level Four Store Front suffers from remote SQL injection and shell upload vulnerabilities.
Tags: cart wordpress shopping shopping-cart shell

21:25
WordPress Shopping Cart 8.1.14 Shell Upload / SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Shopping Cart version 8.1.14 from Level Four Store Front suffers from remote SQL injection and shell upload vulnerabilities.
Tags: cart wordpress shopping shopping-cart shell

21:25
WordPress Shopping Cart 8.1.14 Shell Upload / SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Shopping Cart version 8.1.14 from Level Four Store Front suffers from remote SQL injection and shell upload vulnerabilities.
Tags: cart wordpress shopping shopping-cart shell

0:00
Vuln: WordPress WP Photo Album Plus Plugin Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

WordPress WP Photo Album Plus Plugin Cross Site Scripting Vulnerability
Tags: album photo wordpress vulnerability photo-album

January 01, 2013
11:01
WordPress Sahifa 2.4.0 Cross Site Request Forgery / Path Disclosure
» ‎ Packet Storm Security Exploits

WordPress Sahifa theme version 2.4.0 suffers from cross site request forgery and path disclosure vulnerabilities.
Tags: cross sahifa wordpress forgery

11:01
WordPress Sahifa 2.4.0 Cross Site Request Forgery / Path Disclosure
» ‎ Packet Storm Security Recent Files

WordPress Sahifa theme version 2.4.0 suffers from cross site request forgery and path disclosure vulnerabilities.
Tags: cross sahifa wordpress forgery

11:01
WordPress Sahifa 2.4.0 Cross Site Request Forgery / Path Disclosure
» ‎ Packet Storm Security Misc. Files

WordPress Sahifa theme version 2.4.0 suffers from cross site request forgery and path disclosure vulnerabilities.
Tags: cross sahifa wordpress forgery

8:31
[web applications] - Wordpress Themes moneymasters Full Path Disclosure vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes moneymasters Full Path Disclosure vulnerability
Tags: wordpress web themes wordpress-themes web-applications vulnerability
8:30
[remote exploits] - Wordpress Themes moneymasters File Upload Vulnerability (metasploit)
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[remote exploits] - Wordpress Themes moneymasters File Upload Vulnerability (metasploit)
Tags: wordpress file themes exploits vulnerability
December 30, 2012
12:10
[web applications] - Wordpress Themes moneymasters Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes moneymasters Arbitrary File Upload Vulnerability
Tags: wordpress web themes wordpress-themes file-upload web-applications

6:44
WordPress RocketTheme Content Spoofing / Cross Site Scripting
» ‎ Packet Storm Security Exploits

33 new themes for WordPress that are made by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rockettheme disclosure
6:44
WordPress SB Uploader 3.9 Shell Upload
» ‎ Packet Storm Security Exploits

WordPress SB Uploader version 3.9 suffers from an arbitrary file upload vulnerability.
Tags: upload uploader wordpress file-upload vulnerability
6:44
WordPress RocketTheme Content Spoofing / Cross Site Scripting
» ‎ Packet Storm Security Exploits

33 new themes for WordPress that are made by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rockettheme disclosure
6:44
WordPress SB Uploader 3.9 Shell Upload
» ‎ Packet Storm Security Exploits

WordPress SB Uploader version 3.9 suffers from an arbitrary file upload vulnerability.
Tags: upload uploader wordpress file-upload vulnerability

6:44
WordPress SB Uploader 3.9 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress SB Uploader version 3.9 suffers from an arbitrary file upload vulnerability.
Tags: upload uploader wordpress file-upload vulnerability
6:44
WordPress RocketTheme Content Spoofing / Cross Site Scripting
» ‎ Packet Storm Security Recent Files

33 new themes for WordPress that are made by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rockettheme disclosure
6:44
WordPress SB Uploader 3.9 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress SB Uploader version 3.9 suffers from an arbitrary file upload vulnerability.
Tags: upload uploader wordpress file-upload vulnerability
6:44
WordPress RocketTheme Content Spoofing / Cross Site Scripting
» ‎ Packet Storm Security Recent Files

33 new themes for WordPress that are made by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rockettheme disclosure

6:44
WordPress SB Uploader 3.9 Shell Upload
» ‎ Packet Storm Security Misc. Files

WordPress SB Uploader version 3.9 suffers from an arbitrary file upload vulnerability.
Tags: upload uploader wordpress file-upload vulnerability
6:44
WordPress RocketTheme Content Spoofing / Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

33 new themes for WordPress that are made by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rockettheme disclosure
6:44
WordPress SB Uploader 3.9 Shell Upload
» ‎ Packet Storm Security Misc. Files

WordPress SB Uploader version 3.9 suffers from an arbitrary file upload vulnerability.
Tags: upload uploader wordpress file-upload vulnerability
6:44
WordPress RocketTheme Content Spoofing / Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

33 new themes for WordPress that are made by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rockettheme disclosure

4:10
[web applications] - Wordpress plugins sitepress-multilingual-cms Full Path Disclosure
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress plugins sitepress-multilingual-cms Full Path Disclosure
Tags: wordpress web full web-applications disclosure cms

3:11
WordPress Photo Plus / Photo Search XSS / CSRF
» ‎ Packet Storm Security Exploits

WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.
Tags: photo wordpress plus search-version photo-search forgery
3:11
WordPress Photo Plus / Photo Search XSS / CSRF
» ‎ Packet Storm Security Exploits

WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.
Tags: photo wordpress plus search-version photo-search forgery

3:11
WordPress Photo Plus / Photo Search XSS / CSRF
» ‎ Packet Storm Security Recent Files

WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.
Tags: photo wordpress plus search-version photo-search forgery

3:11
WordPress Photo Plus / Photo Search XSS / CSRF
» ‎ Packet Storm Security Misc. Files

WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.
Tags: photo wordpress plus search-version photo-search forgery
3:11
WordPress Photo Plus / Photo Search XSS / CSRF
» ‎ Packet Storm Security Misc. Files

WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.
Tags: photo wordpress plus search-version photo-search forgery

December 28, 2012
15:33
WordPress TwentyTen Shell Upload
» ‎ Packet Storm Security Exploits

The WordPress TwentyTen theme suffers from a remote shell upload vulnerability.
Tags: shell wordpress twentyten remote-shell vulnerability
15:33
WordPress TwentyTen Shell Upload
» ‎ Packet Storm Security Exploits

The WordPress TwentyTen theme suffers from a remote shell upload vulnerability.
Tags: shell wordpress twentyten remote-shell vulnerability

15:33
WordPress TwentyTen Shell Upload
» ‎ Packet Storm Security Recent Files

The WordPress TwentyTen theme suffers from a remote shell upload vulnerability.
Tags: shell wordpress twentyten remote-shell vulnerability
15:33
WordPress TwentyTen Shell Upload
» ‎ Packet Storm Security Recent Files

The WordPress TwentyTen theme suffers from a remote shell upload vulnerability.
Tags: shell wordpress twentyten remote-shell vulnerability

15:33
WordPress TwentyTen Shell Upload
» ‎ Packet Storm Security Misc. Files

The WordPress TwentyTen theme suffers from a remote shell upload vulnerability.
Tags: shell wordpress twentyten remote-shell vulnerability
15:33
WordPress TwentyTen Shell Upload
» ‎ Packet Storm Security Misc. Files

The WordPress TwentyTen theme suffers from a remote shell upload vulnerability.
Tags: shell wordpress twentyten remote-shell vulnerability

December 27, 2012
19:40
WordPress Asset-Manager PHP File Upload
» ‎ Packet Storm Security Exploits

This Metasploit module exploits a vulnerability found in WordPress plugin Asset-Manager versions 2.0 and below. By abusing the upload.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
Tags: upload wordpress manager arbitrary-code-execution asset-manager malicious-user
19:40
WordPress Asset-Manager PHP File Upload
» ‎ Packet Storm Security Exploits

This Metasploit module exploits a vulnerability found in WordPress plugin Asset-Manager versions 2.0 and below. By abusing the upload.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
Tags: upload wordpress manager arbitrary-code-execution asset-manager malicious-user

19:40
WordPress Asset-Manager PHP File Upload
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability found in WordPress plugin Asset-Manager versions 2.0 and below. By abusing the upload.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
Tags: upload wordpress manager arbitrary-code-execution asset-manager malicious-user

19:40
WordPress Asset-Manager PHP File Upload
» ‎ Packet Storm Security Misc. Files

This Metasploit module exploits a vulnerability found in WordPress plugin Asset-Manager versions 2.0 and below. By abusing the upload.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
Tags: upload wordpress manager arbitrary-code-execution asset-manager malicious-user

19:39
New WordPress Vuln Emerges
» ‎ Packet Storm Security Headlines

New WordPress Vuln Emerges
Tags: new wordpress vuln
19:39
New WordPress Vuln Emerges
» ‎ Packet Storm Security Headlines

New WordPress Vuln Emerges
Tags: new wordpress vuln

December 26, 2012
0:00
Vuln: WordPress Asset Manager Plugin 'upload.php' Arbitrary File Upload Vulnerability
» ‎ SecurityFocus Vulnerabilities

WordPress Asset Manager Plugin 'upload.php' Arbitrary File Upload Vulnerability
Tags: upload asset wordpress manager-plugin asset-manager file-upload vulnerability

December 25, 2012
11:09
[remote exploits] - WordPress WP-Property PHP File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[remote exploits] - WordPress WP-Property PHP File Upload Vulnerability
Tags: wp-property wordpress php exploits vulnerability
11:08
[remote exploits] - WordPress Asset-Manager PHP File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[remote exploits] - WordPress Asset-Manager PHP File Upload Vulnerability
Tags: asset wordpress manager asset-manager exploits vulnerability

0:00
Vuln: WordPress WP-UserOnline URL HTML Injection Vulnerability
» ‎ SecurityFocus Vulnerabilities

WordPress WP-UserOnline URL HTML Injection Vulnerability
Tags: url wordpress wp-useronline vulnerability
0:00
Vuln: WordPress WP-Property Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
» ‎ SecurityFocus Vulnerabilities

WordPress WP-Property Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
Tags: wp-property plugin wordpress file-upload vulnerability

December 24, 2012
15:32
WordPress W3 Total Cache Data Disclosure
» ‎ Packet Storm Security Exploits

This is an exploit for W3 Total Cache called W3 Total Fail that works by attempting to guess SQL queries that might contain important password hashes.
Tags: total cache wordpress password-hashes cache-data sql-queries

15:32
WordPress W3 Total Cache Data Disclosure
» ‎ Packet Storm Security Recent Files

This is an exploit for W3 Total Cache called W3 Total Fail that works by attempting to guess SQL queries that might contain important password hashes.
Tags: total cache wordpress password-hashes cache-data sql-queries

15:32
WordPress W3 Total Cache Data Disclosure
» ‎ Packet Storm Security Misc. Files

This is an exploit for W3 Total Cache called W3 Total Fail that works by attempting to guess SQL queries that might contain important password hashes.
Tags: total cache wordpress password-hashes cache-data sql-queries

14:59
WordPress Rokbox Themes Content Spoofing / XSS
» ‎ Packet Storm Security Exploits

Multiple WordPress themes by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rokbox wordpress-themes disclosure

14:59
WordPress Rokbox Themes Content Spoofing / XSS
» ‎ Packet Storm Security Recent Files

Multiple WordPress themes by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rokbox wordpress-themes disclosure

14:59
WordPress Rokbox Themes Content Spoofing / XSS
» ‎ Packet Storm Security Misc. Files

Multiple WordPress themes by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rokbox wordpress-themes disclosure

14:41
WordPress WP-Property PHP File Upload
» ‎ Packet Storm Security Exploits

This Metasploit module exploits a vulnerability found in WP-Property
Tags: wp-property wordpress php vulnerability

14:41
WordPress WP-Property PHP File Upload
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability found in WP-Property
Tags: wp-property wordpress php vulnerability

14:41
WordPress WP-Property PHP File Upload
» ‎ Packet Storm Security Misc. Files

This Metasploit module exploits a vulnerability found in WP-Property
Tags: wp-property wordpress php vulnerability

13:16
[web applications] - WordPress Plugin WP-UserOnline Persistent XSS vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - WordPress Plugin WP-UserOnline Persistent XSS vulnerability
Tags: web plugin wordpress web-applications vulnerability
12:34
[web applications] - WordPress Plugin - W3 Total Cache Remote Sql Injection Exploit
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - WordPress Plugin - W3 Total Cache Remote Sql Injection Exploit
Tags: web plugin wordpress sql-injection web-applications
12:33
[web applications] - Wordpress Themes grou-random-image-widget Full Path Disclosure
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes grou-random-image-widget Full Path Disclosure
Tags: wordpress web themes wordpress-themes random-image widget
2:07
[web applications] - Wordpress Themes- shotzz Full Path Disclosure vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes- shotzz Full Path Disclosure vulnerability
Tags: wordpress web themes wordpress-themes web-applications vulnerability
2:07
[web applications] - Wordpress Themes- vithy Full Path Disclosure vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes- vithy Full Path Disclosure vulnerability
Tags: wordpress web themes wordpress-themes web-applications vulnerability
2:06
[web applications] - Wordpress Themes- appius Full Path Disclosure vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes- appius Full Path Disclosure vulnerability
Tags: wordpress web themes wordpress-themes web-applications vulnerability
2:06
[web applications] - Wordpress Themes- yvora Full Path Disclosure vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes- yvora Full Path Disclosure vulnerability
Tags: wordpress web themes wordpress-themes web-applications vulnerability

0:00
Vuln: WordPress Multiple CMSMasters Themes 'upload.php' Arbitrary File Upload Vulnerability
» ‎ SecurityFocus Vulnerabilities

WordPress Multiple CMSMasters Themes 'upload.php' Arbitrary File Upload Vulnerability
Tags: upload multiple wordpress file-upload vulnerability

December 22, 2012
7:28
[web applications] - Wordpress Themes - onepagewebsite Full Path Disclosure vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes - onepagewebsite Full Path Disclosure vulnerability
Tags: wordpress web themes wordpress-themes web-applications vulnerability

December 21, 2012
15:01
WordPress BuddyPress Cross Site Scripting / Content Spoofing
» ‎ Packet Storm Security Exploits

WordPress BuddyPress plugin suffers from cross site scripting and content spoofing vulnerabilities.
Tags: cross wordpress buddypress

15:01
WordPress BuddyPress Cross Site Scripting / Content Spoofing
» ‎ Packet Storm Security Recent Files

WordPress BuddyPress plugin suffers from cross site scripting and content spoofing vulnerabilities.
Tags: cross wordpress buddypress

15:01
WordPress BuddyPress Cross Site Scripting / Content Spoofing
» ‎ Packet Storm Security Misc. Files

WordPress BuddyPress plugin suffers from cross site scripting and content spoofing vulnerabilities.
Tags: cross wordpress buddypress

December 20, 2012
16:30
[web applications] - Wordpress plugin - sintic_gallery Path Disclosure Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress plugin - sintic_gallery Path Disclosure Vulnerability
Tags: plugin wordpress web web-applications vulnerability disclosure

16:00
Wordpress URL Video Lead Form Plugin Cross-Site Scripting Vulnerabilities
» ‎ SecuriTeam

The Video Lead Form Plugin in Wordpress http://wordpress.org/extend/plugins/video-lead-form/ has a Reflective XSS vulnerability in the browser URL which affects Wordpress 3.4.2 (Platform Used).
Tags: video url wordpress cross-site-scripting vulnerability
December 19, 2012
16:00
Wordpress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability
» ‎ SecuriTeam

The Simple Gmail Login plugin for Wordpress is prone to an information-disclosure vulnerability.
Tags: wordpress gmail simple information-disclosure-vulnerability stack-trace
December 18, 2012
16:00
WordPress GRAND Flash Album Gallery Plugin Multiple Remote Vulnerabilities
» ‎ SecuriTeam

GRAND Flash Album Gallery for WordPress is prone to following multiple vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple directory-traversal vulnerabilities 3. Multiple arbitrary file-overwrite vulnerabilities.
Tags: multiple wordpress grand sql-injection directory-traversal album-gallery
16:00
WordPress Nest Theme 'codigo' Parameter SQL Injection Vulnerability
» ‎ SecuriTeam

The Nest theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Tags: vulnerability wordpress sql nest nest-theme sql-injection sql-query

15:55
WordPress Clockstone Theme File Upload
» ‎ Packet Storm Security Exploits

The Clockstone WordPress theme appears to suffer from a remote shell upload vulnerability.
Tags: clockstone wordpress theme remote-shell file-upload vulnerability

15:55
WordPress Clockstone Theme File Upload
» ‎ Packet Storm Security Recent Files

The Clockstone WordPress theme appears to suffer from a remote shell upload vulnerability.
Tags: clockstone wordpress theme remote-shell file-upload vulnerability

15:55
WordPress Clockstone Theme File Upload
» ‎ Packet Storm Security Misc. Files

The Clockstone WordPress theme appears to suffer from a remote shell upload vulnerability.
Tags: clockstone wordpress theme remote-shell file-upload vulnerability

December 17, 2012
16:00
WordPress Spider Calendar Plugin 'many_sp_calendar' Parameter Cross Site Scripting Vulnerability
» ‎ SecuriTeam

The Spider Calendar plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.
Tags: calendar wordpress spider cross-site-scripting vulnerability

12:22
WordPress Rokbox 2.13 XSS / DoS / File Upload / Path Disclosure
» ‎ Packet Storm Security Exploits

Rokbox version 2.13 for WordPress suffers from content spoofing, cross site scripting, denial of service, path disclosure, and various other vulnerabilities.
Tags: path wordpress rokbox service-path denial-of-service file-upload

12:22
WordPress Rokbox 2.13 XSS / DoS / File Upload / Path Disclosure
» ‎ Packet Storm Security Recent Files

Rokbox version 2.13 for WordPress suffers from content spoofing, cross site scripting, denial of service, path disclosure, and various other vulnerabilities.
Tags: path wordpress rokbox service-path denial-of-service file-upload

12:22
WordPress Rokbox 2.13 XSS / DoS / File Upload / Path Disclosure
» ‎ Packet Storm Security Misc. Files

Rokbox version 2.13 for WordPress suffers from content spoofing, cross site scripting, denial of service, path disclosure, and various other vulnerabilities.
Tags: path wordpress rokbox service-path denial-of-service file-upload

9:53
[web applications] - Wordpress modules - sintic_gallery Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress modules - sintic_gallery Arbitrary File Upload Vulnerability
Tags: wordpress web gallery file-upload web-applications vulnerability

December 16, 2012
16:00
WordPress FireStorm Professional Real Estate Plugin Multiple SQL Injection Vulnerabilities
» ‎ SecuriTeam

The FireStorm Professional Real Estate plugin for WordPress is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Tags: firestorm wordpress professional professional-real-estate sql-injection sql-query
16:00
WordPress Pretty Link Lite Plugin 'search' Parameter Cross Site Scripting Vulnerability
» ‎ SecuriTeam

The Pretty Link Lite plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.
Tags: pretty wordpress link search-parameter cross-site-scripting vulnerability

December 15, 2012
14:32
[web applications] - WordPress RokBox Multiple Vulnerabilities
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - WordPress RokBox Multiple Vulnerabilities
Tags: web rokbox wordpress web-applications vulnerabilities
11:04
[web applications] - Wordpress Plugins - wp superb Slideshow Full Path Disclosure
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Plugins - wp superb Slideshow Full Path Disclosure
Tags: wordpress web plugins web-applications disclosure

December 14, 2012
13:00
Bugtraq: Wordpress Pingback Port Scanner
» ‎ SecurityFocus Vulnerabilities

Wordpress Pingback Port Scanner
Tags: wordpress port pingback port-scanner bugtraq

12:22
WordPress Pingback Port Scanner
» ‎ Packet Storm Security Recent Files

WordPress version 3.5 has the XML-RPC interface enabled by default. This tool uses the Pingback API to perform portscanning.
Tags: wordpress port pingback port-scanner xml-rpc

12:22
WordPress Pingback Port Scanner
» ‎ Packet Storm Security Tools

WordPress version 3.5 has the XML-RPC interface enabled by default. This tool uses the Pingback API to perform portscanning.
Tags: wordpress port pingback port-scanner xml-rpc

12:22
WordPress Pingback Port Scanner
» ‎ Packet Storm Security Misc. Files

WordPress version 3.5 has the XML-RPC interface enabled by default. This tool uses the Pingback API to perform portscanning.
Tags: wordpress port pingback port-scanner xml-rpc

0:00
Vuln: WordPress Portable phpMyAdmin Plugin CVE-2012-5469 Authentication Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

WordPress Portable phpMyAdmin Plugin CVE-2012-5469 Authentication Bypass Vulnerability
Tags: phpmyadmin wordpress portable vulnerability authentication

December 13, 2012
16:00
WordPress 'doing_wp_cron' Parameter Cross Site Scripting Vulnerability
» ‎ SecuriTeam

WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.
Tags: vulnerability wordpress cron cross-site-scripting
16:00
Wordpress Facebook Survey SQL Injection Vulnerability
» ‎ SecuriTeam

A critical remote SQL Injection vulnerability in the Wordpress Facebook Survey Pro Plugin.
Tags: facebook wordpress sql vulnerability
16:00
WordPress UnGallery Plugin 'search' Parameter Remote Arbitrary Command Execution Vulnerability
» ‎ SecuriTeam

The UnGallery plugin for WordPress is prone to a remote arbitrary command-execution vulnerability because it fails to properly validate user-supplied input.
Tags: plugin wordpress ungallery command-execution arbitrary-command search-parameter
16:00
WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload Vulnerability
» ‎ SecuriTeam

The Zingiri Web Shop plugin for WordPress is prone to an arbitrary file-upload vulnerability because it fails to adequately validate files before uploading them.
Tags: wordpress web zingiri path-parameter file-upload web-shop

10:12
[web applications] - Wordpress Plugin Portable phpMyAdmin Authentication Bypass
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Plugin Portable phpMyAdmin Authentication Bypass
Tags: wordpress web plugin web-applications authentication phpmyadmin

December 12, 2012
15:55
WordPress portable-phpMyAdmin 1.3.0 Authentication Bypass
» ‎ Packet Storm Security Exploits

WordPress portable-phpMyAdmin plugin version 1.3.0 fails to validate the existing session allowing a user to navigate directly to the interface.
Tags: authentication wordpress myadmin interface phpmyadmin

15:55
WordPress portable-phpMyAdmin 1.3.0 Authentication Bypass
» ‎ Packet Storm Security Recent Files

WordPress portable-phpMyAdmin plugin version 1.3.0 fails to validate the existing session allowing a user to navigate directly to the interface.
Tags: authentication wordpress myadmin interface phpmyadmin

15:55
WordPress portable-phpMyAdmin 1.3.0 Authentication Bypass
» ‎ Packet Storm Security Misc. Files

WordPress portable-phpMyAdmin plugin version 1.3.0 fails to validate the existing session allowing a user to navigate directly to the interface.
Tags: authentication wordpress myadmin interface phpmyadmin

1:25
[web applications] - WordPress ABC Test Plugin directory traversal
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - WordPress ABC Test Plugin directory traversal
Tags: web wordpress abc directory-traversal web-applications
1:25
[web applications] - WordPress ABC Test Plugin 0.1 Cross Site Script XSS
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - WordPress ABC Test Plugin 0.1 Cross Site Script XSS
Tags: web wordpress abc web-applications
1:22
[web applications] - WordPress 3.5 multiple path disclosure vulnerabilities
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - WordPress 3.5 multiple path disclosure vulnerabilities
Tags: web path wordpress web-applications disclosure

December 11, 2012
16:00
Wordpress Plugin Catalog HTML Code Injection and Cross-site Scripting Vulnerability
» ‎ SecuriTeam

The Spider Catalog plugin for WordPress is prone to multiple HTML injection vulnerabilities because it fails to properly sanitize user-supplied input.
Tags: catalog wordpress plugin spider-catalog catalog-html vulnerabilities
December 10, 2012
16:00
WordPress Bookings Plugin 'error' Parameter Cross Site Scripting Vulnerability
» ‎ SecuriTeam

The Bookings plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.
Tags: vulnerability plugin wordpress cross-site-scripting bookings
16:00
WordPress Simple Slider Plugin Cross Site Scripting Vulnerability
» ‎ SecuriTeam

The Simple Slider plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.
Tags: slider wordpress simple vulnerability
16:00
WordPress Wordfence Security Plugin Cross Site Scripting Vulnerability
» ‎ SecuriTeam

The Wordfence Security plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.
Tags: wordfence wordpress security vulnerability

5:11
[web applications] - WordPress SEO Plugin 1.3.11 Cross Site Script Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - WordPress SEO Plugin 1.3.11 Cross Site Script Vulnerability
Tags: seo web wordpress web-applications vulnerability

December 09, 2012
16:00
WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Include Vulnerabilities
» ‎ SecuriTeam

The Crayon Syntax Highlighter plug-in for WordPress is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input.
Tags: wordpress crayon syntax syntax-highlighter
16:00
Wordpress Simple Slider Plugin Cross-Site Scripting Vulnerabilities
» ‎ SecuriTeam

Wordpress Simple Slider Plugin is prone to a cross-site scripting Vulnerability.
Tags: slider wordpress simple vulnerability
16:00
WordPress Zarzadzonie Kontem Plugin 'ajaxfilemanager.php' Script Arbitrary File Upload Vulnerability
» ‎ SecuriTeam

The Zarzadzonie Kontem plugin for WordPress is prone to an arbitrary file-upload vulnerability because it fails to adequately validate files before uploading them.
Tags: wordpress kontem zarzadzonie file-upload php-script vulnerability

December 07, 2012
0:00
Vuln: WordPress Video Lead Form Plugin 'errMsg' Parameter Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

WordPress Video Lead Form Plugin 'errMsg' Parameter Cross Site Scripting Vulnerability
Tags: video wordpress form cross-site-scripting vulnerability

December 06, 2012
17:11
WordPress Simple Gmail Login Path Disclosure
» ‎ Packet Storm Security Exploits

WordPress Simple Gmail Login plugin suffers from a stack trace error condition that can lead to full path disclosure.
Tags: gmail wordpress simple stack-trace error-condition

17:11
WordPress Simple Gmail Login Path Disclosure
» ‎ Packet Storm Security Recent Files

WordPress Simple Gmail Login plugin suffers from a stack trace error condition that can lead to full path disclosure.
Tags: gmail wordpress simple stack-trace error-condition

17:11
WordPress Simple Gmail Login Path Disclosure
» ‎ Packet Storm Security Misc. Files

WordPress Simple Gmail Login plugin suffers from a stack trace error condition that can lead to full path disclosure.
Tags: gmail wordpress simple stack-trace error-condition

16:00
WordPress Thank You Counter Button Plugin 'paged' Parameter Cross Site Scripting Vulnerability
» ‎ SecuriTeam

The Thank You Counter Button plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.
Tags: counter wordpress button cross-site-scripting vulnerability
16:00
WordPress Zingiri Form Builder Plugin Cross Site Scripting Vulnerability
» ‎ SecuriTeam

The Zingiri Form Builder plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
Tags: wordpress form zingiri vulnerability
December 05, 2012
16:00
WordPress eShop Magic Plugin 'File' Parameter Arbitrary File Disclosure Vulnerability
» ‎ SecuriTeam

The eShop Magic plugin for WordPress is prone to an arbitrary-file-disclosure vulnerability because it fails to properly sanitize user-supplied input.
Tags: eshop magic wordpress vulnerability disclosure
16:00
WordPress Poll Plugin 'wp-admin/admin-ajax.php' Script Multiple SQL Injection Vulnerabilities
» ‎ SecuriTeam

The Poll Plugin for WordPress is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Tags: plugin wordpress poll sql-injection sql-query php-script
16:00
WordPress All Video Gallery Plugin 'vid' Parameter Multiple SQL Injection Vulnerabilities
» ‎ SecuriTeam

The All Video Gallery plugin for WordPress is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Tags: gallery video wordpress sql-injection sql-query video-gallery
16:00
WordPress Magazine Basic Theme 'id' Parameter SQL Injection Vulnerability
» ‎ SecuriTeam

The Magazine Basic theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Tags: wordpress magazine theme theme-id sql-query vulnerability

14:39
[web applications] - Wordpress 3.4.2 JetPack Full Path Disclosure
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress 3.4.2 JetPack Full Path Disclosure
Tags: jetpack wordpress web web-applications disclosure
10:29
[web applications] - Wordpress Plugins - my-link-order Full Path Disclosure Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Plugins - my-link-order Full Path Disclosure Vulnerability
Tags: wordpress web plugins web-applications vulnerability disclosure
December 03, 2012
13:24
[web applications] - Wordpress 3.4.2 Full Path Disclosure Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress 3.4.2 Full Path Disclosure Vulnerability
Tags: wordpress web full web-applications vulnerability disclosure

1:22
WordPress Nest SQL Injection
» ‎ Packet Storm Security Exploits

The WordPress Nest theme suffers from a remote SQL injection vulnerability. Note that these findings house site-specific data.
Tags: injection wordpress theme nest nest-sql vulnerability-note

1:22
WordPress Nest SQL Injection
» ‎ Packet Storm Security Recent Files

The WordPress Nest theme suffers from a remote SQL injection vulnerability. Note that these findings house site-specific data.
Tags: injection wordpress theme nest nest-sql vulnerability-note

1:22
WordPress Nest SQL Injection
» ‎ Packet Storm Security Misc. Files

The WordPress Nest theme suffers from a remote SQL injection vulnerability. Note that these findings house site-specific data.
Tags: injection wordpress theme nest nest-sql vulnerability-note

December 02, 2012
16:00
WordPress DX-Contribute Plugin Cross Site Request Forgery Vulnerability
» ‎ SecuriTeam

The DX-Contribute plugin for WordPress is prone to a cross-site request-forgery vulnerability because the application fails to properly validate HTTP requests.
Tags: plugin wordpress dx-contribute forgery vulnerability

December 01, 2012
1:22
WordPress WP-Realty Local File Inclusion
» ‎ Packet Storm Security Exploits

WordPress WP-Realty third party plugin suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: wordpress file wp-realty party-plugin vulnerability-note

1:22
WordPress WP-Realty Local File Inclusion
» ‎ Packet Storm Security Recent Files

WordPress WP-Realty third party plugin suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: wordpress file wp-realty party-plugin vulnerability-note

1:22
WordPress WP-Realty Local File Inclusion
» ‎ Packet Storm Security Misc. Files

WordPress WP-Realty third party plugin suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: wordpress file wp-realty party-plugin vulnerability-note

November 30, 2012
23:11
WordPress Zingiri Forum Local File Inclusion
» ‎ Packet Storm Security Exploits

WordPress Zingiri Forum third party plugin suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: forum wordpress zingiri party-plugin vulnerability-note

23:11
WordPress Zingiri Forum Local File Inclusion
» ‎ Packet Storm Security Recent Files

WordPress Zingiri Forum third party plugin suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: forum wordpress zingiri party-plugin vulnerability-note

23:11
WordPress Zingiri Forum Local File Inclusion
» ‎ Packet Storm Security Misc. Files

WordPress Zingiri Forum third party plugin suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: forum wordpress zingiri party-plugin vulnerability-note

8:23
[web applications] - Wordpress Themes - yvora Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes - yvora Arbitrary File Upload Vulnerability
Tags: wordpress web themes wordpress-themes file-upload web-applications
8:23
[web applications] - Wordpress Themes - felici Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes - felici Arbitrary File Upload Vulnerability
Tags: wordpress web themes wordpress-themes file-upload web-applications
8:22
[web applications] - Wordpress Themes - dagda Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes - dagda Arbitrary File Upload Vulnerability
Tags: wordpress web themes wordpress-themes file-upload web-applications
8:22
[web applications] - Wordpress Themes - appius Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes - appius Arbitrary File Upload Vulnerability
Tags: wordpress web themes wordpress-themes file-upload web-applications
8:21
[web applications] - Wordpress Themes- vithy Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes- vithy Arbitrary File Upload Vulnerability
Tags: wordpress web themes wordpress-themes file-upload web-applications
8:20
[web applications] - Wordpress Themes - Shotzz Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes - Shotzz Arbitrary File Upload Vulnerability
Tags: wordpress web themes wordpress-themes file-upload web-applications
8:20
[web applications] - Wordpress Plugins - image-store Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Plugins - image-store Arbitrary File Upload Vulnerability
Tags: wordpress web plugins image-store file-upload web-applications

November 29, 2012
17:44
WordPress Default Local File Inclusion
» ‎ Packet Storm Security Exploits

WordPress Default theme suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: wordpress file default default-theme vulnerability-note inclusion
17:11
WordPress Video Lead Form 0.5 Cross Site Scripting
» ‎ Packet Storm Security Exploits

WordPress Video Lead Form plugin version 0.5 suffers from a cross site scripting vulnerability.
Tags: video wordpress form vulnerability

17:11
WordPress Video Lead Form 0.5 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

WordPress Video Lead Form plugin version 0.5 suffers from a cross site scripting vulnerability.
Tags: video wordpress form vulnerability

17:11
WordPress Video Lead Form 0.5 Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

WordPress Video Lead Form plugin version 0.5 suffers from a cross site scripting vulnerability.
Tags: video wordpress form vulnerability

16:00
WordPress FLV Player Plugin 'id' Parameter SQL Injection Vulnerability
» ‎ SecuriTeam

The FLV Player plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.
Tags: wordpress player flv player-plugin sql-query flv-player

13:17
[web applications] - Wordpress Themes - onepagewebsite Arbitrary File Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Themes - onepagewebsite Arbitrary File Upload Vulnerability
Tags: wordpress web themes wordpress-themes file-upload web-applications

8:00
Bugtraq: Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability
» ‎ SecurityFocus Vulnerabilities

Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability
Tags: wordpress plugin simple stack-trace gmail vulnerability

7:55
WordPress Studiocirmes Local File Inclusion
» ‎ Packet Storm Security Exploits

WordPress Studiocirmes theme suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: wordpress file studiocirmes vulnerability-note inclusion
6:44
WordPress TimelineJS_Nuweb Local File Inclusion
» ‎ Packet Storm Security Exploits

The WordPress TimelineJS_Nuweb third party plugin suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: nuweb wordpress timelinejs party-plugin vulnerability-note inclusion

6:44
WordPress TimelineJS_Nuweb Local File Inclusion
» ‎ Packet Storm Security Recent Files

The WordPress TimelineJS_Nuweb third party plugin suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: nuweb wordpress timelinejs party-plugin vulnerability-note inclusion

6:44
WordPress TimelineJS_Nuweb Local File Inclusion
» ‎ Packet Storm Security Misc. Files

The WordPress TimelineJS_Nuweb third party plugin suffers from a local file inclusion vulnerability. Note that these findings house site-specific data.
Tags: nuweb wordpress timelinejs party-plugin vulnerability-note inclusion

3:11
WordPress Themes SQL Injection
» ‎ Packet Storm Security Exploits

WordPress lotto-mg-online, aviokarte, webplayer, ktai-style, fundacaojorgeamado, thesis_16, and onlinedata themes all suffer from a remote SQL injection vulnerability. Seven separate exploits are included. Note that these findings house site-specific data.
Tags: injection wordpress sql onlinedata wordpress-themes exploits

3:11
WordPress Themes SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress lotto-mg-online, aviokarte, webplayer, ktai-style, fundacaojorgeamado, thesis_16, and onlinedata themes all suffer from a remote SQL injection vulnerability. Seven separate exploits are included. Note that these findings house site-specific data.
Tags: injection wordpress sql onlinedata wordpress-themes exploits

3:11
WordPress Themes SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress lotto-mg-online, aviokarte, webplayer, ktai-style, fundacaojorgeamado, thesis_16, and onlinedata themes all suffer from a remote SQL injection vulnerability. Seven separate exploits are included. Note that these findings house site-specific data.
Tags: injection wordpress sql onlinedata wordpress-themes exploits

2:11
WordPress Toolbox 1.4 SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Toolbox theme version 1.4 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress vulnerability-note toolbox

2:11
WordPress Toolbox 1.4 SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Toolbox theme version 1.4 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: toolbox wordpress sql vulnerability-note

2:11
WordPress Toolbox 1.4 SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Toolbox theme version 1.4 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: toolbox wordpress sql vulnerability-note

0:00
Vuln: WordPress CSS Plus Plugin Multiple Unspecified Security Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

WordPress CSS Plus Plugin Multiple Unspecified Security Vulnerabilities
Tags: wordpress css plus security-vulnerabilities

November 27, 2012
16:00
WordPress Madebymilk Theme 'id' Parameter SQL Injection Vulnerability
» ‎ SecuriTeam

The Madebymilk theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.
Tags: wordpress theme madebymilk theme-id sql-query vulnerability

9:16
[web applications] - WordPress - PICA Photo Gallery Automatic SQL Injection (perl)
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - WordPress - PICA Photo Gallery Automatic SQL Injection (perl)
Tags: web wordpress pica sql-injection web-applications photo-gallery

6:44
WordPress ASM SQL Injection
» ‎ Packet Storm Security Exploits

WordPress ASM theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: asm wordpress sql sql-injection vulnerability-note

6:44
WordPress ASM SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress ASM theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: asm wordpress sql sql-injection vulnerability-note

6:44
WordPress ASM SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress ASM theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: asm wordpress sql sql-injection vulnerability-note

4:12
WordPress Newstimes Package SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Newstimes Package theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: package wordpress newstimes vulnerability-note

4:12
WordPress Newstimes Package SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Newstimes Package theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: package wordpress newstimes vulnerability-note

4:12
WordPress Newstimes Package SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Newstimes Package theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: package wordpress newstimes vulnerability-note

4:01
WordPress Starmark Local File Inclusion
» ‎ Packet Storm Security Exploits

WordPress Starmark theme suffers from a local file inclusion vulnerability. Note that this finding houses site-specific data.
Tags: wordpress file starmark vulnerability-note inclusion

4:01
WordPress Starmark Local File Inclusion
» ‎ Packet Storm Security Recent Files

WordPress Starmark theme suffers from a local file inclusion vulnerability. Note that this finding houses site-specific data.
Tags: wordpress file starmark vulnerability-note inclusion

4:01
WordPress Starmark Local File Inclusion
» ‎ Packet Storm Security Misc. Files

WordPress Starmark theme suffers from a local file inclusion vulnerability. Note that this finding houses site-specific data.
Tags: wordpress file starmark vulnerability-note inclusion

3:33
WordPress Myflash Local File Inclusion
» ‎ Packet Storm Security Exploits

WordPress Myflash third party plugin suffers from a local file inclusion vulnerability. Note that this finding houses site-specific data.
Tags: myflash wordpress file party-plugin vulnerability-note inclusion

3:33
WordPress Myflash Local File Inclusion
» ‎ Packet Storm Security Recent Files

WordPress Myflash third party plugin suffers from a local file inclusion vulnerability. Note that this finding houses site-specific data.
Tags: myflash wordpress file party-plugin vulnerability-note inclusion

3:33
WordPress Myflash Local File Inclusion
» ‎ Packet Storm Security Misc. Files

WordPress Myflash third party plugin suffers from a local file inclusion vulnerability. Note that this finding houses site-specific data.
Tags: myflash wordpress file party-plugin vulnerability-note inclusion

3:11
WordPress Yaren Tema SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Yaren Tema theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: tema wordpress sql yaren vulnerability-note

3:11
WordPress Yaren Tema SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Yaren Tema theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: tema wordpress sql yaren vulnerability-note

3:11
WordPress Yaren Tema SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Yaren Tema theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: tema wordpress sql yaren vulnerability-note

November 26, 2012
3:11
WordPress Oberliga SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Oberliga Theme suffers from a remote SQL injection vulnerability.
Tags: oberliga wordpress sql sql-injection vulnerability
3:11
WordPress Shai-Saul SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Shai-Saul Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: injection wordpress shai saul-theme saul-sql sql-injection saul

3:11
WordPress Shai-Saul SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Shai-Saul Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: injection wordpress shai saul-theme saul-sql sql-injection saul
3:11
WordPress Oberliga SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Oberliga Theme suffers from a remote SQL injection vulnerability.
Tags: oberliga wordpress sql sql-injection vulnerability

3:11
WordPress Shai-Saul SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Shai-Saul Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: injection wordpress shai saul-theme saul-sql sql-injection saul
3:11
WordPress Oberliga SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Oberliga Theme suffers from a remote SQL injection vulnerability.
Tags: oberliga wordpress sql sql-injection vulnerability

2:24
WordPress cstardesign SQL Injection
» ‎ Packet Storm Security Exploits

WordPress cstardesign Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress cstardesign sql sql-injection vulnerability-note

2:24
WordPress cstardesign SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress cstardesign Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress cstardesign sql sql-injection vulnerability-note

2:24
WordPress cstardesign SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress cstardesign Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress cstardesign sql sql-injection vulnerability-note

2:11
WordPress st_newsletter SQL Injection
» ‎ Packet Storm Security Exploits

WordPress st_newsletter Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress newsletter sql vulnerability-note

2:11
WordPress st_newsletter SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress st_newsletter Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress newsletter sql vulnerability-note

2:11
WordPress st_newsletter SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress st_newsletter Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress newsletter sql vulnerability-note

1:22
WordPress wp-imagezoon SQL Injection
» ‎ Packet Storm Security Exploits

WordPress wp-imagezoom Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: injection wordpress sql vulnerability-note

1:22
WordPress wp-imagezoon SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress wp-imagezoom Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: injection wordpress sql vulnerability-note

1:22
WordPress wp-imagezoon SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress wp-imagezoom Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: injection wordpress sql vulnerability-note

November 25, 2012
20:44
WordPress WeddingsAtWork SQL Injection
» ‎ Packet Storm Security Exploits

WordPress WeddingsAtWork Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: weddingsatwork wordpress sql sql-injection vulnerability-note

20:44
WordPress WeddingsAtWork SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress WeddingsAtWork Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: weddingsatwork wordpress sql sql-injection vulnerability-note

20:44
WordPress WeddingsAtWork SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress WeddingsAtWork Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: weddingsatwork wordpress sql sql-injection vulnerability-note

9:22
WordPress WP-Basketball SQL Injection
» ‎ Packet Storm Security Exploits

WordPress WP-Basketball Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress wp-basketball sql vulnerability-note basketball
4:22
WordPress Finalist SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Finalist Theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress finalist sql vulnerability-note
3:11
WordPress Ads Box SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Ads Box third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: box wordpress sql party-plugin sql-injection vulnerability-note

3:11
WordPress Ads Box SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Ads Box third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: box wordpress sql party-plugin sql-injection vulnerability-note

3:11
WordPress Ads Box SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Ads Box third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: box wordpress sql party-plugin sql-injection vulnerability-note

November 24, 2012
6:44
WordPress Malmonation Theme SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Malmonation theme suffers from a remote SQL injection vulnerability.
Tags: wordpress theme malmonation vulnerability

6:44
WordPress Malmonation Theme SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Malmonation theme suffers from a remote SQL injection vulnerability.
Tags: wordpress theme malmonation vulnerability

6:44
WordPress Malmonation Theme SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Malmonation theme suffers from a remote SQL injection vulnerability.
Tags: wordpress theme malmonation vulnerability

November 23, 2012
13:24
[web applications] - Wordpress Plugin plg_novana Sql Injection Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Plugin plg_novana Sql Injection Vulnerability
Tags: wordpress web plugin plg web-applications vulnerability

November 22, 2012
9:22
WordPress Zarzadzanie Kontem Shell Upload
» ‎ Packet Storm Security Exploits

WordPress Zarzadzonie Kontem third party plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: shell wordpress kontem remote-shell party-plugin
9:22
WordPress Zingiri Web Shop 2.5.0 Shell Upload
» ‎ Packet Storm Security Exploits

WordPress Zingiri Web Shop third party plugin version 2.5.0 suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: wordpress web zingiri remote-shell party-plugin web-shop

9:22
WordPress Zarzadzanie Kontem Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress Zarzadzonie Kontem third party plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: shell wordpress kontem remote-shell party-plugin
9:22
WordPress Zingiri Web Shop 2.5.0 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress Zingiri Web Shop third party plugin version 2.5.0 suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: wordpress web zingiri remote-shell party-plugin web-shop

9:22
WordPress Zarzadzanie Kontem Shell Upload
» ‎ Packet Storm Security Misc. Files

WordPress Zarzadzonie Kontem third party plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: shell wordpress kontem remote-shell party-plugin
9:22
WordPress Zingiri Web Shop 2.5.0 Shell Upload
» ‎ Packet Storm Security Misc. Files

WordPress Zingiri Web Shop third party plugin version 2.5.0 suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: wordpress web zingiri remote-shell party-plugin web-shop

8:22
WordPress Webplayer SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Webplayer Player third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: webplayer wordpress sql party-plugin sql-injection vulnerability-note

8:22
WordPress Webplayer SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Webplayer Player third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: webplayer wordpress sql party-plugin sql-injection vulnerability-note

8:22
WordPress Webplayer SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Webplayer Player third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: webplayer wordpress sql party-plugin sql-injection vulnerability-note

8:11
WordPress FS-Real-Estate SQL Injection
» ‎ Packet Storm Security Exploits

WordPress FS-Real-Estate third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: fs-real-estate wordpress sql party-plugin vulnerability-note third-party

8:11
WordPress FS-Real-Estate SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress FS-Real-Estate third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: fs-real-estate wordpress sql party-plugin vulnerability-note third-party

8:11
WordPress FS-Real-Estate SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress FS-Real-Estate third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: fs-real-estate wordpress sql party-plugin vulnerability-note third-party

7:55
WordPress Simple Slider 1.0 Cross Site Scripting
» ‎ Packet Storm Security Exploits

WordPress Simple Slider plugin version 1.0 suffers from a cross site scripting vulnerability.
Tags: slider wordpress simple plugin-version vulnerability

7:55
WordPress Simple Slider 1.0 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

WordPress Simple Slider plugin version 1.0 suffers from a cross site scripting vulnerability.
Tags: slider wordpress simple plugin-version vulnerability

7:55
WordPress Simple Slider 1.0 Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

WordPress Simple Slider plugin version 1.0 suffers from a cross site scripting vulnerability.
Tags: slider wordpress simple plugin-version vulnerability

6:44
WordPress Plg Novana SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Plg Novana third party plugin suffers from a remote SQL injection vulnerability.
Tags: wordpress plg novana party-plugin vulnerability

6:44
WordPress Plg Novana SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Plg Novana third party plugin suffers from a remote SQL injection vulnerability.
Tags: wordpress plg novana party-plugin vulnerability

6:44
WordPress Plg Novana SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Plg Novana third party plugin suffers from a remote SQL injection vulnerability.
Tags: wordpress plg novana party-plugin vulnerability

2:11
WordPress Magazine Basic SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Magazine Basic third party plugin theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress magazine sql party-plugin sql-injection vulnerability-note

0:00
Vuln: WordPress FireStorm Professional Real Estate Plugin 'id' Parameter SQL Injection Vulnerability
» ‎ SecurityFocus Vulnerabilities

WordPress FireStorm Professional Real Estate Plugin 'id' Parameter SQL Injection Vulnerability
Tags: firestorm wordpress professional professional-real-estate vulnerability

November 21, 2012
5:03
[web applications] - Wordpress Plugin tdo-mini-forms (rfu/rfd) Vulnerabilities
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Plugin tdo-mini-forms (rfu/rfd) Vulnerabilities
Tags: wordpress web plugin web-applications vulnerabilities

November 20, 2012
15:44
WordPress Facebook Survey SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Facebook Survey third party plugin version 1 suffers from a remote SQL injection vulnerability.
Tags: facebook wordpress survey party-plugin vulnerability third-party

15:44
WordPress Facebook Survey SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Facebook Survey third party plugin version 1 suffers from a remote SQL injection vulnerability.
Tags: facebook wordpress survey party-plugin vulnerability third-party

15:44
WordPress Facebook Survey SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Facebook Survey third party plugin version 1 suffers from a remote SQL injection vulnerability.
Tags: facebook wordpress survey party-plugin vulnerability third-party

15:32
WordPress FireStorm Real Estate 2.06.08 SQL Injection
» ‎ Packet Storm Security Exploits

WordPress FireStorm Real Estate third party plugin version 2.06.08 suffer from a remote SQL injection vulnerability.
Tags: firestorm wordpress real party-plugin vulnerability third-party

15:32
WordPress FireStorm Real Estate 2.06.08 SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress FireStorm Real Estate third party plugin version 2.06.08 suffer from a remote SQL injection vulnerability.
Tags: firestorm wordpress real party-plugin vulnerability third-party

15:32
WordPress FireStorm Real Estate 2.06.08 SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress FireStorm Real Estate third party plugin version 2.06.08 suffer from a remote SQL injection vulnerability.
Tags: firestorm wordpress real party-plugin vulnerability third-party

9:00
Bugtraq: Wordpress Facebook Survey v1 - SQL Injection Vulnerability
» ‎ SecurityFocus Vulnerabilities

Wordpress Facebook Survey v1 - SQL Injection Vulnerability
Tags: facebook wordpress survey vulnerability

4:11
WordPress Madebymilk SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Madebymilk theme suffers from a remote SQL injection vulnerability.
Tags: wordpress madebymilk sql sql-injection vulnerability

4:11
WordPress Madebymilk SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Madebymilk theme suffers from a remote SQL injection vulnerability.
Tags: wordpress madebymilk sql sql-injection vulnerability

4:11
WordPress Madebymilk SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Madebymilk theme suffers from a remote SQL injection vulnerability.
Tags: wordpress madebymilk sql sql-injection vulnerability

2:11
WordPress Dailyedition-mouss SQL Injection
» ‎ Packet Storm Security Exploits

WordPress Dailyedition-mouss theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: dailyedition-mouss wordpress sql dailyedition vulnerability-note

2:11
WordPress Dailyedition-mouss SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Dailyedition-mouss theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: dailyedition-mouss wordpress sql dailyedition vulnerability-note

2:11
WordPress Dailyedition-mouss SQL Injection
» ‎ Packet Storm Security Misc. Files

WordPress Dailyedition-mouss theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: dailyedition-mouss wordpress sql dailyedition vulnerability-note

November 18, 2012
8:03
[web applications] - Wordpress Plugins Spotlight Your Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Plugins Spotlight Your Upload Vulnerability
Tags: wordpress web plugins web-applications vulnerability
8:03
[web applications] - Wordpress Plugin Spotlight Your Upload Vulnerability
» ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)

[web applications] - Wordpress Plugin Spotlight Your Upload Vulnerability
Tags: wordpress web plugin web-applications vulnerability

November 17, 2012
9:22
WordPress ArribaLaEsteban SQL Injection
» ‎ Packet Storm Security Exploits

WordPress ArribaLaEsteban theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
Tags: wordpress arribalaesteban sql sql-injection vulnerability-note

Skip to page: 1 2 3 ... 8

jetlib.sec » Tags » wordpress

Feeds

1931 items tagged "wordpress"

Tags: wordpress cimy user vulnerability disclosure user-manager

Tags: uploader valums wordpress remote-shell vulnerability-note

Tags: uploader valums wordpress remote-shell vulnerability-note

Tags: uploader valums wordpress remote-shell vulnerability-note

Tags: custom wordpress advanced remote-file-include-vulnerability

Tags: xerte online wordpress remote-shell vulnerability

Tags: xerte online wordpress remote-shell vulnerability

Tags: xerte online wordpress remote-shell vulnerability

Tags: uploader shell wordpress remote-shell vulnerability

Tags: uploader shell wordpress remote-shell vulnerability

Tags: uploader shell wordpress remote-shell vulnerability

Tags: gallery reflex wordpress remote-shell gallery-1

Tags: gallery reflex wordpress remote-shell gallery-1

Tags: gallery reflex wordpress remote-shell gallery-1

Tags: cart wordpress shopping shopping-cart shell

Tags: cart wordpress shopping shopping-cart shell

Tags: cart wordpress shopping shopping-cart shell

Tags: album photo wordpress vulnerability photo-album

Tags: cross sahifa wordpress forgery

Tags: cross sahifa wordpress forgery

Tags: cross sahifa wordpress forgery

Tags: wordpress web themes wordpress-themes web-applications vulnerability

Tags: wordpress file themes exploits vulnerability

Tags: wordpress web themes wordpress-themes file-upload web-applications

Tags: content wordpress rockettheme disclosure

Tags: upload uploader wordpress file-upload vulnerability

Tags: content wordpress rockettheme disclosure

Tags: upload uploader wordpress file-upload vulnerability

Tags: upload uploader wordpress file-upload vulnerability

Tags: content wordpress rockettheme disclosure

Tags: upload uploader wordpress file-upload vulnerability

Tags: content wordpress rockettheme disclosure

Tags: upload uploader wordpress file-upload vulnerability

Tags: content wordpress rockettheme disclosure

Tags: upload uploader wordpress file-upload vulnerability

Tags: content wordpress rockettheme disclosure

Tags: wordpress web full web-applications disclosure cms

Tags: photo wordpress plus search-version photo-search forgery

Tags: photo wordpress plus search-version photo-search forgery

Tags: photo wordpress plus search-version photo-search forgery

Tags: photo wordpress plus search-version photo-search forgery

Tags: photo wordpress plus search-version photo-search forgery

Tags: shell wordpress twentyten remote-shell vulnerability

Tags: shell wordpress twentyten remote-shell vulnerability

Tags: shell wordpress twentyten remote-shell vulnerability

Tags: shell wordpress twentyten remote-shell vulnerability

Tags: shell wordpress twentyten remote-shell vulnerability

Tags: shell wordpress twentyten remote-shell vulnerability

Tags: upload wordpress manager arbitrary-code-execution asset-manager malicious-user

Tags: upload wordpress manager arbitrary-code-execution asset-manager malicious-user

Tags: upload wordpress manager arbitrary-code-execution asset-manager malicious-user

Tags: upload wordpress manager arbitrary-code-execution asset-manager malicious-user

Tags: new wordpress vuln

Tags: new wordpress vuln

Tags: upload asset wordpress manager-plugin asset-manager file-upload vulnerability

Tags: wp-property wordpress php exploits vulnerability

Tags: asset wordpress manager asset-manager exploits vulnerability

Tags: url wordpress wp-useronline vulnerability

Tags: wp-property plugin wordpress file-upload vulnerability

Tags: total cache wordpress password-hashes cache-data sql-queries

Tags: total cache wordpress password-hashes cache-data sql-queries

Tags: total cache wordpress password-hashes cache-data sql-queries

Tags: content wordpress rokbox wordpress-themes disclosure

Tags: content wordpress rokbox wordpress-themes disclosure

Tags: content wordpress rokbox wordpress-themes disclosure

Tags: wp-property wordpress php vulnerability

Tags: wp-property wordpress php vulnerability

Tags: wp-property wordpress php vulnerability

Tags: web plugin wordpress web-applications vulnerability

Tags: web plugin wordpress sql-injection web-applications

Tags: wordpress web themes wordpress-themes random-image widget

Tags: wordpress web themes wordpress-themes web-applications vulnerability

Tags: wordpress web themes wordpress-themes web-applications vulnerability