oss-sec mailing list archives
Re: CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS
From: Henri Salo <henri () nerv fi>
Date: Wed, 3 Jun 2015 13:54:29 +0300
On Wed, Jun 03, 2015 at 08:04:25PM +1200, Matthew Daley wrote:
The plugin has since been removed from the Wordpress plugin directory, so I don't have the ability to easily link to source code. FWIW, line references in this advisory refer to what was the latest version of the plugin, 1.99.30.
You can use WordPress Traq when the plugin is in the official repository. Traq is available even the plugin has been disabled from plugin repository: https://plugins.trac.wordpress.org/log/codestyling-localization -- Henri Salo
Current thread:
- CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS Matthew Daley (Jun 03)
- Re: CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS Henri Salo (Jun 03)
- Re: CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS cve-assign (Jun 04)