B0UG
B0UG
/ Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability
Created
February 13, 2019 20:02
Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Exploit Title: Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability | |
| # Date: 2018-12-28 | |
| # Exploit Author: B0UG | |
| # Vendor Homepage: https://wpbookingcalendar.com/ | |
| # Software Link: https://wordpress.org/plugins/booking/ | |
| # Version: Tested on version 8.4.3 (older versions may also be affected) | |
| # Tested on: WordPress | |
| # Category : Webapps | |
| # CVE: CVE-2018-20556 |
B0UG
/ gist:68d3161af0c0ec85c615ca7452f9755e
Created
June 7, 2018 20:11
Booking Calendar by WpDevArt - Unauthenticated Parameter Manipulation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Exploit Title: Booking Calendar by WpDevArt - Unauthenticated Parameter Manipulation | |
| # Date: 25/04/2018 | |
| # Exploit Author: B0UG | |
| # Vendor Homepage: https://wpdevart.com/wordpress-booking-calendar-plugin/ | |
| # Software Link: https://wordpress.org/plugins/booking-calendar/ | |
| # Version: Tested on version 2.2.2 (Older versions may be affected) | |
| # Tested on: WordPress | |
| # Category : Webapps | |
| # CVE: CVE-2018-10363 |
B0UG
/ gist:8615df3fe83a4deca07334af783696d6
Created
May 1, 2018 12:02
WF Cookie Consent - Authenticated Persistent Cross-Site Scripting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Exploit Title: WF Cookie Consent - Authenticated Persistent Cross-Site Scripting | |
| # Date: 23/04/2018 | |
| # Exploit Author: B0UG | |
| # Vendor Homepage: http://www.wunderfarm.com/ | |
| # Software Link: https://en-gb.wordpress.org/plugins/wf-cookie-consent/ | |
| # Version: Tested on version 1.1.3 (older versions may also be affected) | |
| # Tested on: WordPress | |
| # Category : Webapps | |
| # CVE: CVE-2018-10371 |
B0UG
/ gist:f0cfb356e23be3cd6ebea69566d6100a
Created
April 25, 2018 08:45
Responsive Cookie Consent - Authenticated Persistent Cross-Site Scripting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Exploit Title: Responsive Cookie Consent - Authenticated Persistent Cross-Site Scripting | |
| # Date: 20/04/2018 | |
| # Exploit Author: B0UG | |
| # Vendor Homepage: http://www.jameskoussertari.co.uk/ | |
| # Software Link: https://en-gb.wordpress.org/plugins/responsive-cookie-consent/ | |
| # Version: Tested on version 1.5, 1.6 and 1.7 (older versions may also be affected) | |
| # Tested on: WordPress | |
| # Category : Webapps | |
| # CVE: CVE-2018-10309 |
B0UG
/ gist:9732614abccaf2893c352d14c822d07b
Created
April 25, 2018 08:40
UK Cookie Consent - Authenticated Persistent Cross-Site Scripting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Exploit Title: UK Cookie Consent - Authenticated Persistent Cross-Site Scripting | |
| # Date: 22/04/2018 | |
| # Exploit Author: B0UG | |
| # Vendor Homepage: https://catapultthemes.com/ | |
| # Software Link: https://en-gb.wordpress.org/plugins/uk-cookie-consent/#description | |
| # Version: Tested on version 2.3.9 (older versions may also be affected) | |
| # Tested on: WordPress | |
| # Category : Webapps | |
| # CVE: CVE-2018-10310 |