
Full Disclosure mailing list archives
WordPress Plugin Vulnerability Dump - Part 2
From: "Voxel@Night" <voxelnight () vexatioustendencies com>
Date: Mon, 08 Sep 2014 23:44:04 -0700
More vulnerabilities in poorly coded plugins for y'all.

Ninja Forms v2.77 - Authorization bypass (regular users can delete forms, etc.)
Contact Form v3.83 - Email header injection
WP to Twitter v2.9.3 - Authorization bypass (regular users can tweet to the admin's Twitter account)
Xhanch - My Twitter v2.7.7 - CSRF (create and delete tweets)
TinyMCE Advanced v4.1 - (insignificant) CSRF
W3 Total Cache v0.9.4 - (minor) CSRF
WordPress Download Manager v2.6.92 - Authorization bypass (regular users can upload/delete arbitrary files, yes, even PHP files)
Wordfence Security v5.2.2 - Stored XSS

Details and POCs located: https://vexatioustendencies.com/wordpress-plugin-vulnerability-dump-part-2/

More to follow.

-Voxel@Night

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
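The three bug classes that dominate the list above (authorization bypass, CSRF, and email header injection) all come from the same kind of omission in plugin code: a handler reachable by any logged-in user that never asks who is calling or where the request came from, and a mail routine that copies user input straight into a header line. The PHP below is an added illustration written for this archive page; it is not code from any plugin named in the post, and the action names, option keys and the `manage_options` capability are hypothetical choices, not taken from the advisory.

```php
<?php
// Added example, not code from any plugin in the post above.
// Hypothetical plugin that stores forms as options named demo_form_<id>.

// BEFORE: the shape behind "regular users can delete forms".
// wp_ajax_* actions fire for every logged-in user, so a subscriber can
// POST action=demo_delete_form&form_id=3 to admin-ajax.php. No capability
// check (authorization bypass) and no nonce (CSRF from any site the
// victim visits while logged in).
add_action( 'wp_ajax_demo_delete_form', 'demo_delete_form_vulnerable' );
function demo_delete_form_vulnerable() {
    $id = (int) $_POST['form_id'];
    delete_option( 'demo_form_' . $id );
    wp_die( 'deleted' );
}

// AFTER: authorization first, then request origin, then input validation.
// The page that issues this request must embed
//   wp_create_nonce( 'demo_delete_form' )
// as the "nonce" POST field; check_ajax_referer() dies with -1 otherwise.
add_action( 'wp_ajax_demo_delete_form_safe', 'demo_delete_form_safe' );
function demo_delete_form_safe() {
    // Capability check: only users allowed to administer the site.
    // manage_options is an assumption; pick the narrowest capability
    // that fits the action.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    // CSRF check: the nonce is tied to the user, the session and the action.
    check_ajax_referer( 'demo_delete_form', 'nonce' );

    $id = isset( $_POST['form_id'] ) ? absint( $_POST['form_id'] ) : 0;
    if ( 0 === $id ) {
        wp_send_json_error( 'bad form id', 400 );
    }
    delete_option( 'demo_form_' . $id );
    wp_send_json_success();
}

// Email header injection, the Contact Form class of bug.
// BEFORE: a submitted name like "Alice\r\nBcc: attacker@example.com"
// becomes a second header line when passed to wp_mail().
function demo_headers_vulnerable( $from_name, $from_email ) {
    return "From: $from_name <$from_email>\r\n";
}

// AFTER: reject anything that is not an address, and strip CR/LF (and
// their URL-encoded forms) from the free-text part so the value can
// never terminate the header line it sits in.
function demo_headers_safe( $from_name, $from_email ) {
    $email = sanitize_email( $from_email );
    if ( ! is_email( $email ) ) {
        return array();
    }
    $name = str_replace( array( "\r", "\n", '%0d', '%0a' ), '', $from_name );
    // wp_mail() accepts headers as an array of single lines.
    return array( 'From: ' . $name . ' <' . $email . '>' );
}
```

Two habits follow from the hardened handler: capability checks and nonce checks are independent (a nonce proves the request came from a page WordPress rendered for this user, not that the user is allowed to do the action), and `wp_ajax_nopriv_*` handlers, which fire for anonymous visitors, need the same scrutiny since neither check applies to them by default.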