Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Monthly Archives: September 2016
CVE-2016-7395
SkPath.cpp in Skia, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, does not properly validate the return values of ChopMonoAtY calls, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via crafted graphics data.
DSA-3665 openjpeg2 – security update
Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression /
decompression library, may result in denial of service or the execution
of arbitrary code if a malformed JPEG 2000 file is processed.
WordPress Woocommerce 2.6.2 API Cross Site Scripting
WordPress Woocommerce version 2.6.2 suffers from an API related cross site scripting vulnerability.
WordPress InfiniteWP Admin Panel 2.8.0 Authorization Bypass
WordPress InfiniteWP Admin Panel version 2.8.0 suffers from an authorization bypass vulnerability.
WordPress InfiniteWP Admin Panel 2.8.0 Command Injection
WordPress InfiniteWP Admin Panel version 2.8.0 suffers from a command injection vulnerability.
WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting
WordPress MailPoet Newsletters 2.7.2 suffers from a cross site scripting vulnerability.
Authorization bypass in InfiniteWP Admin Panel
Posted by Summer of Pwnage on Sep 10
————————————————————————
Authorization bypass in InfiniteWP Admin Panel
————————————————————————
Sipke Mellema, July 2016
————————————————————————
Abstract
————————————————————————
An authorization bypass was found in the InfiniteWP Admin Panel that
allows…
Persistent Cross-Site Scripting in Woocommerce WordPress plugin
Posted by Summer of Pwnage on Sep 10
————————————————————————
Persistent Cross-Site Scripting in Woocommerce WordPress plugin
————————————————————————
Sipke Mellema, July 2016
————————————————————————
Abstract
————————————————————————
A vulnerability exists in the Woocommerce API that allows…
Reflected Cross-Site Scripting vulnerability in MailPoet Newsletters plugin
Posted by Summer of Pwnage on Sep 10
————————————————————————
Reflected Cross-Site Scripting vulnerability in MailPoet Newsletters
plugin
————————————————————————
Sipke Mellema, July 2016
————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found…