Archive

Archive for June, 2013

WordPress Image slider with description Plugin Unspecified

June 28th, 2013
Comments Off

Application: WordPress
Affected Version: versions prior to 7.0.
Vendor’s URL: Image slider with description Plugin
Bug Type:
Risk Level: Critical

Solution:
Update to version 7.0.

Content Management

WordPress Export To Text Plugin “download” Remote File Inclusion

June 28th, 2013
Comments Off

Application: WordPress
Affected Version: version 2.2 and prior versions.
Vendor’s URL: Export To Text Plugin
Bug Type: File Inclusion
Risk Level: Critical

Solution:
Update to version 2.3.

Content Management, File Inclusion

WordPress Multiple Vulnerabilities

June 28th, 2013
Comments Off

Application: WordPress
Affected Version: version 3.5.1 and prior versions.
Vendor’s URL: WordPress
Bug Type: Security Bypass, Cross Site Scripting, Spoofing, Exposure of system information, DoS
Risk Level: Critical

Solution:
Update to version 3.5.2.

Access Bypass, Content Management, Cross Site Scripting, Information Disclosure

WordPress Mail Subscribe List Plugin Script Insertion

June 28th, 2013
Comments Off

Application: WordPress
Affected Version: version 2.0.9 and prior versions.
Vendor’s URL: Mail Subscribe List Plugin
Bug Type: Script Insertion
Risk Level: Critical

Solution:
Update to version 2.1.

Content Management, Cross Site Scripting

Drupal Display Suite Module Script Insertion

June 28th, 2013
Comments Off

Application: Drupal
Affected Version: 7.x-1.x versions prior to 7.x-1.7 and 7.x-2.x versions prior to 7.x-2.3.
Vendor’s URL: Display Suite Module
Bug Type: Script Insertion
Risk Level: Critical

Solution:
Update to version 7.x-1.7 or 7.x-2.3.

Content Management, Cross Site Scripting

Drupal Node Access User Reference Module Security Bypass Security Issue

June 28th, 2013
Comments Off

Application: Drupal
Affected Version: 6.x-3.x versions prior to 6.x-3.5 and in 7.x-3.x versions prior to 7.x-3.10
Vendor’s URL: Node Access User Reference Module
Bug Type: Security Bypass
Risk Level: Critical

Solution:
Update to version 6.x-3.5 or 7.x-3.10.

Access Bypass, Content Management

Drupal Edit Limit Module Security Bypass Security Issue

June 28th, 2013
Comments Off

Application: Drupal
Affected Version: 7.x-1.x versions prior to 7.x-1.3.
Vendor’s URL: Edit Limit Module
Bug Type: Security Bypass
Risk Level: Critical

Solution:
Update to version 7.x-1.3.

Access Bypass, Content Management

WordPress Simple Paypal Shopping Cart Plugin Cross-Site Request Forgery

June 28th, 2013
Comments Off

Application: WordPress
Affected Version: version 3.5 and prior versions.
Vendor’s URL: Simple Paypal Shopping Cart Plugin
Bug Type: Cross-Site Request Forgery
Risk Level: Medium

Solution:
Update to version 3.6.

Content Management, Cross Site Scripting