Categories

Applications (312)
Blogs (7)
Content Management (211)
Customer Relationship (4)
Discussion Boards (49)
E-Commerce (15)
General Purpose Directories (2)
Image Galleries (22)
Mailing Lists (1)
Tips (3)
Vulnerabilities (423)
Access Bypass (66)
Cross Site Scripting (159)
Denial Of Service (2)
File Inclusion (59)
Information Disclosure (19)
Privilege Escalation (3)
Remote Command Execution (19)
Session Hijacking (2)
SQL Injection (161)
« Drupal Multiple Script Insertion Vulnerabilities
Plume CMS “dir” XSS »

WordPress Sniplets Plugin Multiple Vulnerabilities

Published by TL Guan March 20th, 2008 in Access Bypass, Content Management and Cross Site Scripting.

Application: WordPress
Affected Version: 1.2.2 and other versions.
Vendor’s URL: http://urbangiraffe.com/plugins/sniplets/
Bug Type: Cross Site Scripting and Security Bypass
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly verified and sanitized.

0 Responses to “WordPress Sniplets Plugin Multiple Vulnerabilities”

Feed for this Entry Trackback Address
  1. No Comments

Leave a Reply

You must login to post a comment.

« Drupal Multiple Script Insertion Vulnerabilities
Plume CMS “dir” XSS »

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional