WP Security Bloggers http://www.wpsecuritybloggers.com The Number One Source for WordPress Security News and Updates Mon, 27 Mar 2017 22:22:15 +0000 en-US hourly 1 https://wordpress.org/?v=4.7.3 79282814 Vulnerability Details: Cross-Site Request Forgery(CSRF)/User Deletion Vulnerability in WHIZZ https://www.pluginvulnerabilities.com/2017/03/27/vulnerability-details-cross-site-request-forgerycsrfuser-deletion-vulnerability-in-whizz/ Mon, 27 Mar 2017 16:14:09 +0000 http://www.wpsecuritybloggers.com/uncategorized/vulnerability-details-cross-site-request-forgerycsrfuser-deletion-vulnerability-in-whizz https://www.pluginvulnerabilities.com/2017/03/27/vulnerability-details-cross-site-request-forgerycsrfuser-deletion-vulnerability-in-whizz/

To provide our customers with the best information possible on vulnerabilities that have been in WordPress plugins they use, we create posts, like this one, which include the details of vulnerabilities for which the discoverer has not released a report with those details already. That allows our customers to better understand how the vulnerability had or could have impacted their

]]>
173489
Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in WHIZZ https://www.pluginvulnerabilities.com/2017/03/27/vulnerability-details-reflected-cross-site-scripting-xss-vulnerability-in-whizz/ Mon, 27 Mar 2017 16:04:01 +0000 http://www.wpsecuritybloggers.com/uncategorized/vulnerability-details-reflected-cross-site-scripting-xss-vulnerability-in-whizz https://www.pluginvulnerabilities.com/2017/03/27/vulnerability-details-reflected-cross-site-scripting-xss-vulnerability-in-whizz/

To provide our customers with the best information possible on vulnerabilities that have been in WordPress plugins they use, we create posts, like this one, which include the details of vulnerabilities for which the discoverer has not released a report with those details already. That allows our customers to better understand how the vulnerability had or could have impacted their

]]>
173492
Vulnerability Details: Cross-Site Request Forgery(CSRF)/Plugin Deletion Vulnerability in WHIZZ https://www.pluginvulnerabilities.com/2017/03/27/vulnerability-details-cross-site-request-forgerycsrfplugin-deletion-vulnerability-in-whizz/ Mon, 27 Mar 2017 15:49:16 +0000 http://www.wpsecuritybloggers.com/uncategorized/vulnerability-details-cross-site-request-forgerycsrfplugin-deletion-vulnerability-in-whizz https://www.pluginvulnerabilities.com/2017/03/27/vulnerability-details-cross-site-request-forgerycsrfplugin-deletion-vulnerability-in-whizz/

To provide our customers with the best information possible on vulnerabilities that have been in WordPress plugins they use, we create posts, like this one, which include the details of vulnerabilities for which the discoverer has not released a report with those details already. That allows our customers to better understand how the vulnerability had or could have impacted their

]]>
173495
Vuln: WordPress recent-backups Plugin ‘download-file.php’ Arbitrary File Download Vulnerability http://www.securityfocus.com/bid/97125 Mon, 27 Mar 2017 00:00:00 +0000 http://www.wpsecuritybloggers.com/uncategorized/vuln-wordpress-recent-backups-plugin-download-file-php-arbitrary-file-download-vulnerability http://www.securityfocus.com/bid/97125

WordPress recent-backups Plugin ‘download-file.php’ Arbitrary File Download Vulnerability

]]>
173506
Vuln: WordPress YOP Poll Plugin CVE-2017-2127 Unspecified Cross Site Scripting Vulnerability http://www.securityfocus.com/bid/97118 Mon, 27 Mar 2017 00:00:00 +0000 http://www.wpsecuritybloggers.com/uncategorized/vuln-wordpress-yop-poll-plugin-cve-2017-2127-unspecified-cross-site-scripting-vulnerability http://www.securityfocus.com/bid/97118

WordPress YOP Poll Plugin CVE-2017-2127 Unspecified Cross Site Scripting Vulnerability

]]>
173504
Vuln: candidate-application-form WordPress Plugin CVE-2015-1000005 Arbitrary File Download Vulnerability http://www.securityfocus.com/bid/97108 Mon, 27 Mar 2017 00:00:00 +0000 http://www.wpsecuritybloggers.com/uncategorized/vuln-candidate-application-form-wordpress-plugin-cve-2015-1000005-arbitrary-file-download-vulnerability http://www.securityfocus.com/bid/97108

candidate-application-form WordPress Plugin CVE-2015-1000005 Arbitrary File Download Vulnerability

]]>
173502
Vuln: WordPress Filedownload Plugin CVE-2015-1000004 Cross-Site Scripting Vulnerability http://www.securityfocus.com/bid/97107 Mon, 27 Mar 2017 00:00:00 +0000 http://www.wpsecuritybloggers.com/uncategorized/vuln-wordpress-filedownload-plugin-cve-2015-1000004-cross-site-scripting-vulnerability http://www.securityfocus.com/bid/97107

WordPress Filedownload Plugin CVE-2015-1000004 Cross-Site Scripting Vulnerability

]]>
173500
Vuln: WordPress Filedownload Plugin CVE-2015-1000003 SQL Injection Vulnerability http://www.securityfocus.com/bid/97106 Mon, 27 Mar 2017 00:00:00 +0000 http://www.wpsecuritybloggers.com/uncategorized/vuln-wordpress-filedownload-plugin-cve-2015-1000003-sql-injection-vulnerability http://www.securityfocus.com/bid/97106

WordPress Filedownload Plugin CVE-2015-1000003 SQL Injection Vulnerability

]]>
173498
Vuln: WordPress Prior to 4.7.3 URL Redirection Vulnerability http://www.securityfocus.com/bid/96600 Thu, 23 Mar 2017 00:00:00 +0000 http://www.wpsecuritybloggers.com/uncategorized/vuln-wordpress-prior-to-4-7-3-url-redirection-vulnerability http://www.securityfocus.com/bid/96600

WordPress Prior to 4.7.3 URL Redirection Vulnerability

]]>
173487
Vuln: WordPress Prior to 4.7.3 Security Bypass Vulnerability http://www.securityfocus.com/bid/96598 Thu, 23 Mar 2017 00:00:00 +0000 http://www.wpsecuritybloggers.com/uncategorized/vuln-wordpress-prior-to-4-7-3-security-bypass-vulnerability http://www.securityfocus.com/bid/96598

WordPress Prior to 4.7.3 Security Bypass Vulnerability

]]>
173485