ID |
DATE |
TITRE |
120275 |
31/03/2015 |
All In One SEO Pack Plugin for WordPress Meta Description Tag Remote Information Disclosure |
120123 |
30/03/2015 |
90min Plugin for WordPress Unspecified Issue |
120124 |
30/03/2015 |
WP Ultimate CSV Importer Plugin for WordPress templates/readfile.php Unspecified Issue |
120125 |
30/03/2015 |
eFront Plugin for WordPress Login Handling Unspecified Issue |
120065 |
30/03/2015 |
Aspose DOC Exporter Plugin for WordPress aspose_doc_exporter_download.php file Parameter Remote Path Traversal File Access |
120277 |
30/03/2015 |
The Newsletter Plugin for WordPress newsletter/statistics/link.php Open Redirect Weakness |
120136 |
29/03/2015 |
MaxButtons Plugin for WordPress Unspecified XSS (2) |
120137 |
29/03/2015 |
MaxButtons Plugin for WordPress Unspecified XSS (1) |
120139 |
29/03/2015 |
Aspose Importer & Exporter Plugin for WordPress /aspose_import_export_download file Parameter Remote Path Traversal File Access |
120138 |
29/03/2015 |
Aspose PDF Exporter Plugin for WordPress /aspose_pdf_exporter_download.php file Parameter Remote Path Traversal File Access |
119975 |
26/03/2015 |
Auto Affiliate Links Plugin for WordPress aal_settings.php Multiple Parameter XSS |
120031 |
26/03/2015 |
Aspose Cloud eBook Generator Plugin for WordPress aspose_posts_exporter_download.php file Parameter Remote Path Traversal File Access |
120280 |
26/03/2015 |
flashy Theme for WordPress Unspecified Reflected XSS |
120318 |
26/03/2015 |
Ptengine Plugin for WordPress ptengine-for-wordpress.php code Parameter Reflected XSS |
119890 |
24/03/2015 |
InBoundio Marketing Plugin for WordPress /admin/partials/csv_uploader.php File Upload Remote Code Execution |
119979 |
24/03/2015 |
Gallery plugin for WordPress /gallery-plugin.php Direct Request Path Disclosure Weakness |
120312 |
24/03/2015 |
Shortcodes Ultimate Plugin for WordPress inc/core/tools.php Example Previewing CSRF |
120314 |
24/03/2015 |
Shortcodes Ultimate Plugin for WordPress inc/vendor/sunrise.php Custom CSS Page CSRF |
119911 |
23/03/2015 |
MP3-jPlayer Plugin for WordPress /download.php mp3 Parameter Remote Path Traversal File Disclosure |
119929 |
23/03/2015 |
PageBuilderSandwich Plugin for WordPress Multiple Script Direct Request Path Disclosure Weakness |
119987 |
23/03/2015 |
WP-Donate Plugin for WordPress includes/donate-display.php Multiple Parameter SQL Injection |
119926 |
22/03/2015 |
Ajax Search Pro Plugin for WordPress ajax-search-pro/backend/settings.php wpdreams-ajaxinput Action Function Invocation Remote Privilege Escalation |
119845 |
22/03/2015 |
PlusCaptcha Plugin for WordPress library/admin.php CSRF |
119846 |
20/03/2015 |
Category and Page Icons Plugin for WordPress include/wpdev-flash-uploader.php Direct Access Authentication Bypass |
119847 |
20/03/2015 |
Category and Page Icons Plugin for WordPress menu-compouser.php Direct Access Authentication Bypass |
119848 |
20/03/2015 |
Calls to Action Plugin for WordPress Unspecified Issue |
119849 |
20/03/2015 |
Landing Pages Plugin for WordPress Unspecified Issue |
119850 |
20/03/2015 |
Leads Plugin for WordPress leads/shared/classes/class.lead-storage.php first_name Parameter Stored XSS |
119810 |
19/03/2015 |
Google Analytics by Yoast Plugin for Wordpress /admin-post.php Property Name Field Stored XSS |
119474 |
18/03/2015 |
Live Forms Plugin for WordPress liveforms.php Multiple Parameter SQL Injection |
119799 |
18/03/2015 |
Easy Coming Soon Plugin for WordPress easy-coming-soon/coming-soon-plugin.php coming_soon_page_settings Function Title Field Stored XSS |
119865 |
18/03/2015 |
WP-Optimize Plugin for WordPress Unspecified Issue |
119901 |
17/03/2015 |
WPML Plugin for WordPress Inadequate Nonce Checks Multiple Unauthenticated Ajax Actions |
119888 |
17/03/2015 |
Gravity Forms Plugin for WordPress form_list.php sort_column Parameter Blind SQL Injection |
119889 |
17/03/2015 |
Gravity Forms Plugin for WordPress forms_model.php sort_column Parameter Blind SQL Injection |
119623 |
16/03/2015 |
DesignFolio+ Theme for WordPress upload-file.php File Upload Remote Code Execution |
|
16/03/2015 |
Pods Plugin for Wordpress classes/PodsUI.php orderby Parameter SQL Injection |
120322 |
16/03/2015 |
Knews Multilingual Newsletters Plugin for WordPress Unspecified SQL Injection |
119637 |
15/03/2015 |
Swift Security Lite Plugin for WordPress classes/Settings.class.php Unspecified Issue |
119554 |
13/03/2015 |
WooCommerce Plugin for WordPress Tax Settings Page tax_rate_country Parameter SQL Injection |
119555 |
13/03/2015 |
WooCommerce Plugin for WordPress Tooltips Order Handling Stored XSS |
119645 |
13/03/2015 |
AB Google Map Travel Plugin for WordPress ab-google-map-travel.php Multiple Parameter Stored XSS Weakness |
119893 |
13/03/2015 |
AB Google Map Travel Plugin for WordPress ab-google-map-travel.php Multiple Action CSRF |
119541 |
12/03/2015 |
WPML Plugin for WordPress /comments/feed action Parameter HTTP Referer Handling SQL Injection |
119500 |
12/03/2015 |
WPML Plugin for WordPress menu sync Missing Access Control Remote Content Deletion |
119499 |
12/03/2015 |
WPML Plugin for WordPress reminder popup Action target Parameter Reflected XSS |
119649 |
12/03/2015 |
WP All Import Plugin for WordPress Unspecified Reflected XSS |
119648 |
12/03/2015 |
WP All Import Plugin for WordPress Unspecified SQL Injection |
119425 |
11/03/2015 |
WordPress SEO by Yoast Plugin for WordPress Multiple Parameter SQL Injection |
119426 |
11/03/2015 |
WordPress SEO by Yoast Plugin for WordPress Unspecified CSRF |
119475 |
11/03/2015 |
Spider Event Calendar Plugin for WordPress Multiple Actions CSRF |
119414 |
10/03/2015 |
Daily Edition Theme for WordPress /fiche-disque.php id Parameter XSS |
119415 |
10/03/2015 |
Daily Edition Theme for WordPress /thumb.php src Parameter Path Disclosure Weakness |
119408 |
10/03/2015 |
Fraction Theme for WordPress /fraction-theme/functions/ajax.php ot_save_options() Function Remote Privilege Escalation |
119334 |
09/03/2015 |
Google Analytics by Yoast Plugin for Wordpress admin/class-admin.php manual_ua_code_field Field Stored XSS Weakness |
119515 |
09/03/2015 |
Custom Community Theme for WordPress /wp-admin/admin-ajax.php cc2_advanced_settings_save Action settings[custom_css] Form Field Stored XSS |
119504 |
09/03/2015 |
MiwoFTP Plugin for WordPress miwoftp.php Unspecified Remote Information Disclosure |
119505 |
09/03/2015 |
Related Posts Lite Plugin for WordPress backend/settings/types.inc.php wpdreams_callback Parameter Unspecified Issue |
119472 |
09/03/2015 |
Ajax Search Lite Plugin for WordPress Unspecified Issue |
119506 |
07/03/2015 |
IP Blacklist Cloud Plugin for WordPress importCSVIPCloud Action filename Parameter Remote Path Traversal File Access |
119388 |
07/03/2015 |
Daily Edition Theme for WordPress /fiche-disque.php id Parameter SQL Injection |
119516 |
07/03/2015 |
FormGet Contact Form Plugin for WordPress index.php request_response Action value Parameter Stored XSS |
119509 |
06/03/2015 |
MainWP-Child Plugin for WordPress class/MainWPChild.class.php parse_init() Function Administrator Authentication Bypass |
119513 |
06/03/2015 |
BBPress Plugin for WordPress Multiple Unspecified Issues |
120323 |
06/03/2015 |
Another WordPress Classifieds Plugin for WordPress upload_awpcp.php Remote File Upload |
119170 |
05/03/2015 |
The Newsletter Plugin for WordPress do.php nr Parameter Open Redirect Weakness |
119171 |
05/03/2015 |
Max Banner Ads Plugin for WordPress info.php zone_id Parameter XSS |
119181 |
05/03/2015 |
IgnitionDeck Plugin for WordPress idf-functions.php Theme / Extension Activation Missing Capability Check Remote Bypass |
119182 |
05/03/2015 |
Spider Event Calendar Plugin for WordPress Theme_functions.php Multiple Parameter SQL Injection |
119183 |
05/03/2015 |
SP Project & Document Manager Plugin for WordPress classes/ajax.php pid Parameter SQL Injection |
119184 |
05/03/2015 |
Spider Event Calendar Plugin for WordPress calendar.php Multiple Parameter SQL Injection |
119185 |
05/03/2015 |
Spider Event Calendar Plugin for WordPress calendar_functions.html.php Multiple Parameter XSS |
119186 |
05/03/2015 |
Spider Event Calendar Plugin for WordPress calendar_functions.php Multiple Parameter SQL Injection |
119187 |
05/03/2015 |
Spider Event Calendar Plugin for WordPress widget_Theme_functions.php Multiple Parameter SQL Injection |
119188 |
05/03/2015 |
IgnitionDeck Plugin for WordPress idf-wp.php Unauthorized Media Editing Remote Bypass |
119067 |
04/03/2015 |
Contact Form To DB Plugin for WordPress /wp-admin/admin.php CF7DBPluginSubmissions Page Stored Form Submission Deletion CSRF |
119284 |
04/03/2015 |
Ya'arburnee / Dignitas Themes for WordPress df_save_options() Function Missing Restriction Remote Privilege Escalation |
119261 |
04/03/2015 |
WP Plugin Info Card Plugin for WordPress wp-plugin-info-card-widget.php Multiple Parameter XSS |
119262 |
04/03/2015 |
WP Plugin Info Card Plugin for WordPress wp-plugin-info-card-shortcode.php Multiple Parameter XSS |
119266 |
03/03/2015 |
Booking Calendar Contact Form Plugin for WordPress dex_bccf_admin_int_bookings_list.inc.php search Parameter SQL Injection |
119267 |
03/03/2015 |
WWM Registration Form Plugin for WordPress Unspecified Issue |
119268 |
03/03/2015 |
CP Polls Plugin for WordPress cp-admin-int-list.inc.php Multiple Parameter SQL Injection |
119265 |
03/03/2015 |
Booking Calendar Contact Form Plugin for WordPress dex_bccf_admin_int_calendar_list.inc.php Multiple Parameter SQL Injection |
119606 |
03/03/2015 |
Calculated Fields Form Plugin for WordPress /wp-admin/options-general.php cp_calculated_fields_form Page Multiple Parameter SQL Injection |
119270 |
02/03/2015 |
Wpshop Plugin for WordPress includes/ajax.php elementCode Parameter File Upload Remote Code Execution |
118990 |
02/03/2015 |
WordPress Backup to Dropbox Plugin for WordPress /wp-admin/admin.php backup-to-dropbox-premium Page title Parameter Reflected XSS |
119269 |
02/03/2015 |
Photocrati Theme for WordPress ecomm-sizes.php prod_id Parameter SQL Injection |
119275 |
02/03/2015 |
Contact Form 7 Get and Show Parameter from URL Plugin for WordPress getparam.php name Parameter Reflected XSS |