oss-sec mailing list archives
Multiple vulnerabilities affecting seven WordPress (XSS, CSRF, SQLi)
From: Summer of Pwnage <lists () securify nl>
Date: Tue, 2 Aug 2016 20:49:58 +0200
Please see attached advisories for more information. These issues were found during Summer of Pwnage (https://sumofpwn.nl), a Dutch community project. Its goal is to contribute to the security of popular, widely used OSS projects in a fun and educational way.
Attachment:
cross_site_request_forgery_in_alo_easymail_newsletter_wordpress_plugin.txt
Description:
Attachment:
cross_site_scripting_in_contact_bank_wordpress_plugin.txt
Description:
Attachment:
cross_site_scripting_in_uji_countdown_wordpress_plugin.txt
Description:
Attachment:
cross_site_scripting_in_wangguard_wordpress_plugin.txt
Description:
Attachment:
cross_site_scripting_vulnerability_in_booking_calendar_wordpress_plugin.txt
Description:
Attachment:
sql_injection_vulnerability_in_booking_calendar_wordpress_plugin.txt
Description:
Attachment:
stored_cross_site_scripting_vulnerability_in_wp_live_chat_support_wordpress_plugin.txt
Description:
Current thread:
- Multiple vulnerabilities affecting seven WordPress (XSS, CSRF, SQLi) Summer of Pwnage (Aug 02)