- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 39317
- Проверка EDB
-
- Пройдено
- Автор
- VOXEL@NIGHT
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2014-09-14
WordPress Plugin Wordfence Security - Multiple Vulnerabilities
Код:
source: https://www.securityfocus.com/bid/69815/info
The Wordfence Security Plugin for WordPress is prone to following vulnerabilities:
1. Multiple HTML-Injection vulnerabilities
2. Multiple Security Bypass vulnerabilities
Successful exploits of these issues allow the attacker-supplied HTML and script code to run in the context of the affected browser potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user, or to bypass security mechanisms.
Wordfence Security Plugin 5.2.3 is vulnerable; other versions may also be affected
http://www.example.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php- Источник
- www.exploit-db.com
