» 2019 » 9월

The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebook_message, facebook_linkname, facebook_caption, facebook_description, default_image, or _wp_http_referer.

Source: CVE-2016-10988

CVE-2016-10989

Posted on 2019년 9월 18일2019년 9월 18일 by admin

CVE-2016-10989

The leenkme plugin before 2.6.0 for WordPress has wp-admin/admin.php?page=leenkme_facebook CSRF.

Source: CVE-2016-10989

CVE-2016-10984

Posted on 2019년 9월 18일2019년 9월 18일 by admin

CVE-2016-10984

The echosign plugin before 1.2 for WordPress has XSS via the inc.php page parameter.

Source: CVE-2016-10984

CVE-2016-10987

Posted on 2019년 9월 18일2019년 9월 18일 by admin

CVE-2016-10987

The persian-woocommerce-sms plugin before 3.3.4 for WordPress has ps_sms_numbers XSS.

Source: CVE-2016-10987

CVE-2016-10977

Posted on 2019년 9월 18일2019년 9월 18일 by admin

CVE-2016-10977

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal.

Source: CVE-2016-10977

CVE-2016-10978

Posted on 2019년 9월 18일2019년 9월 18일 by admin

CVE-2016-10978

The fossura-tag-miner plugin before 1.1.5 for WordPress has CSRF.

Source: CVE-2016-10978

CVE-2016-10979

Posted on 2019년 9월 18일2019년 9월 18일 by admin

CVE-2016-10979

The fossura-tag-miner plugin before 1.1.5 for WordPress has XSS.

Source: CVE-2016-10979