Skip to content

SSCHADV2013-006 - WordPress Plugin 'AJAX Comment Page 3.25' Cross-site scripting vulnerability

Advisory:
WordPress Plugin ‘AJAX Comment Page 3.25’ Cross-site scripting vulnerability
Advisory ID:
SSCHADV2013-006
Author:
Stefan Schurtz
Affected Software:
Successfully tested on AJAX Comment Page 3.25
Vendor URL:
Vendor Status:
fixed
CVE-ID:
Requested
 
======================
Vulnerability Description
======================
 
The parameter ‘max’ of the WordPress plugin ‘AJAX Comment Page’ is prone to a XSS vulnerability
 
Continue reading "SSCHADV2013-006 - WordPress Plugin 'AJAX Comment Page 3.25' Cross-site scripting vulnerability"

SSCHADV2013-005 - WordPress Plugin 'Types 1.2.1.1' Cross-Site Request Forgery & Stored Cross-site scripting vulnerability

Advisory:
WordPress Plugin ‘Types 1.2.1.1’ Cross-Site Request Forgery
& Stored Cross-site scripting vulnerability
Advisory ID:
SSCHADV2013-005
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Types 1.2.1.1
Vendor URL:
Vendor Status:
fixed
CVE-ID:
CVE-2013-2768
 
======================
Vulnerability Description
======================
 
The parameter ‘skypename’ of the WordPress plugin Types 1.2.1.1 is prone to a CSRF and stored XSS vulnerability
 
Continue reading "SSCHADV2013-005 - WordPress Plugin 'Types 1.2.1.1' Cross-Site Request Forgery & Stored Cross-site scripting vulnerability"

SSCHADV2013-004 - WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability

Advisory:
WordPress Plugin ‘Feedweb 1.8.8’ Cross-site Scripting vulnerability
Advisory ID:
SSCHADV2013-004
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Feedweb 1.8.8
Vendor URL:
Vendor Status:
fixed
CVE-ID:
CVE-2013-2753
 
======================
Vulnerability Description
======================
 

The WordPress plugin ‘Feedweb 1.8.8’ is prone to a XSS vulnerability

Continue reading "SSCHADV2013-004 - WordPress Plugin 'Feedweb 1.8.8' Cross-site Scripting vulnerability"
Imprint | Contact | Privacy Statement