Vulnerabilities
Custom Sidebars 2.1.0.1 XSS
$_GET['cs-msg'] is not escaped.
23-09-2015
1 MIN READ
Vulnerabilities
$_GET['cs-msg'] is not escaped.
1 MIN READ
Vulnerabilities
googleapis.com domain is whitelisted by default.
1 MIN READ
Vulnerabilities
$_GET['vid'] is not escaped.
2 MIN READ
Vulnerabilities
Every registered user can change livefyre_site_id and livefyre_site_key.
1 MIN READ
Vulnerabilities
Ten character XSS payload.
2 MIN READ
Vulnerabilities
$_GET['time'] is not escaped.
2 MIN READ
Vulnerabilities
$_REQUEST['items'] is not escaped.
1 MIN READ
Vulnerabilities
We can send email to anyone if we have valid nonce token.
1 MIN READ