Vulnerabilities
Greg's High Performance SEO 1.6.1 Reflected XSS
$_GET['submenu'] is not escaped.
04-05-2015
1 MIN READ
Vulnerabilities
$_GET['submenu'] is not escaped.
1 MIN READ
Vulnerabilities
`ShareaholicAdmin
1 MIN READ
Vulnerabilities
Name field in chat.php may be used to send XSS visible inside Webbased Operator Client.
1 MIN READ
Vulnerabilities
Anyone can run user defined function because of _call_userfunc().
1 MIN READ
Vulnerabilities
str_replace() is used to sanitize file path but function output is not assigned to variable.
1 MIN READ
Vulnerabilities
Using basic_settings() we can update every WordPress options, for example
1 MIN READ
Vulnerabilities
$_REQUEST['title'] is not escaped.
1 MIN READ
Vulnerabilities
$_REQUEST['widget'] is not escaped.
1 MIN READ