oss-sec mailing list archives

CVE request: Multiple vulnerabilities in some WordPress plugins: NewStatPress & WordPress Landing Pages.

From: Adrián M. F. <adrimf85 () gmail com>
Date: Fri, 22 May 2015 11:17:35 +0200

Hi!

I discovered multiple vulnerabilities in some WordPress plugins:

- Multiple vulnerabilities in WordPress plugin "NewStatPress" (SQLi, XSS)
* vulnerable version: 0.9.8
* patched version: 0.9.9
* vendor: https://wordpress.org/plugins/newstatpress/
* changelog: https://wordpress.org/plugins/newstatpress/changelog/

- Multiple vulnerabilities in WordPress plugin "WordPress Landing Pages"
(SQLi, XSS)
* vulnerable version: 1.8.4
* patched version: 1.8.5
* vendor: https://wordpress.org/plugins/landing-pages/
* changelog: https://wordpress.org/plugins/landing-pages/changelog/

I request a CVE for them.

Thanks!

A.

Current thread:

CVE request: Multiple vulnerabilities in some WordPress plugins: NewStatPress & WordPress Landing Pages. Adrián M . F . (May 22)
- Re: CVE request: Multiple vulnerabilities in some WordPress plugins: NewStatPress & WordPress Landing Pages. cve-assign (May 22)