Xloner v3.1.2 wordpress plugin authenticated command execution and XSS

Posted by Larry W. Cashdollar on Jun 09

This advisory is in addition to the one I filed in November http://www.openwall.com/lists/oss-security/2014/11/06/1
that had the following CVEs
assigned CVE-2014-8603 CVE-2014-8604 CVE-2014-8605 CVE-2014-8606 CVE-2014-8607, advisory
http://www.vapid.dhs.org/advisory.php?v=110.

Title: Xloner v3.1.2 wordpress plugin authenticated command execution and XSS
Author: Larry W. Cashdollar, @_larry0
Date: 2015-05-10
Download Site:…

007 Software