Popup by Supsystic WordPress plugin vulnerable to Cross-Site Request Forgery

March 1, 2017 007admin Leave a comment

Posted by Summer of Pwnage on Feb 28

————————————————————————
Popup by Supsystic WordPress plugin vulnerable to Cross-Site Request
Forgery
————————————————————————
Radjnies Bhansingh, July 2016

————————————————————————
Abstract
————————————————————————
A Cross-site Request Forgery vulnerablity…

Full Disclosure

VaultPress – Remote Code Execution via Man in The Middle attack

March 1, 2017 007admin Leave a comment

Posted by Summer of Pwnage on Feb 28

————————————————————————
VaultPress – Remote Code Execution via Man in The Middle attack
————————————————————————
David Vaartjes, July 2016

————————————————————————
Abstract
————————————————————————
A Man in The Middle (MiTM) vulnerability has been…

Full Disclosure

WordPress Adminer plugin allows public (local) database login

March 1, 2017 007admin Leave a comment

Posted by Summer of Pwnage on Feb 28

————————————————————————
WordPress Adminer plugin allows public (local) database login
————————————————————————
David Vaartjes, July 2016

————————————————————————
Abstract
————————————————————————
The Adminer WordPress plugin allows public login to the…

Full Disclosure

Cross-Site Scripting in Alpine PhotoTile for Instagram WordPress Plugin

March 1, 2017 007admin Leave a comment

Posted by Summer of Pwnage on Feb 28

————————————————————————
Cross-Site Scripting in Alpine PhotoTile for Instagram WordPress Plugin
————————————————————————
Antonis Manaras, July 2016

————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in…

Full Disclosure

Cross-Site Scripting in Magic Fields 1 WordPress Plugin

March 1, 2017 007admin Leave a comment

Posted by Summer of Pwnage on Feb 28

————————————————————————
Cross-Site Scripting in Magic Fields 1 WordPress Plugin
————————————————————————
Burak Kelebek, July 2016

————————————————————————
Abstract
————————————————————————
A reflected Cross-Site Scripting vulnerability has been encountered…

Full Disclosure

Cross-Site Scripting in Google Analytics Dashboard WordPress Plugin

March 1, 2017 007admin Leave a comment

Posted by Summer of Pwnage on Feb 28

————————————————————————
Cross-Site Scripting in Google Analytics Dashboard WordPress Plugin
————————————————————————
Yorick Koster, July 2016

————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was found in the…

Full Disclosure

Cross-Site Request Forgery in Atahualpa WordPress Theme

March 1, 2017 007admin Leave a comment

Posted by Summer of Pwnage on Feb 28

————————————————————————
Cross-Site Request Forgery in Atahualpa WordPress Theme
————————————————————————
Spyros Gasteratos, July 2016

————————————————————————
Abstract
————————————————————————
A Cross Site Request Forgery vulnerability exists in the…

Full Disclosure

Cross-Site Scripting in Atahualpa WordPress Theme

March 1, 2017 007admin Leave a comment

Posted by Summer of Pwnage on Feb 28

————————————————————————
Cross-Site Scripting in Atahualpa WordPress Theme
————————————————————————
Spyros Gasteratos, July 2016

————————————————————————
Abstract
————————————————————————
A number of Cross-Site Scripting vulnerabilities were found in the…

007 Software

Monthly Archives: March 2017

Popup by Supsystic WordPress plugin vulnerable to Cross-Site Request Forgery

VaultPress – Remote Code Execution via Man in The Middle attack

WordPress Adminer plugin allows public (local) database login

Cross-Site Scripting in Alpine PhotoTile for Instagram WordPress Plugin

Cross-Site Scripting in Magic Fields 1 WordPress Plugin

Cross-Site Scripting in Google Analytics Dashboard WordPress Plugin

Cross-Site Request Forgery in Atahualpa WordPress Theme

Cross-Site Scripting in Atahualpa WordPress Theme

Software and Security Information