This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Exploit Title: Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability | |
# Date: 2018-12-28 | |
# Exploit Author: B0UG | |
# Vendor Homepage: https://wpbookingcalendar.com/ | |
# Software Link: https://wordpress.org/plugins/booking/ | |
# Version: Tested on version 8.4.3 (older versions may also be affected) | |
# Tested on: WordPress | |
# Category : Webapps | |
# CVE: CVE-2018-20556 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Exploit Title: Booking Calendar by WpDevArt - Unauthenticated Parameter Manipulation | |
# Date: 25/04/2018 | |
# Exploit Author: B0UG | |
# Vendor Homepage: https://wpdevart.com/wordpress-booking-calendar-plugin/ | |
# Software Link: https://wordpress.org/plugins/booking-calendar/ | |
# Version: Tested on version 2.2.2 (Older versions may be affected) | |
# Tested on: WordPress | |
# Category : Webapps | |
# CVE: CVE-2018-10363 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Exploit Title: WF Cookie Consent - Authenticated Persistent Cross-Site Scripting | |
# Date: 23/04/2018 | |
# Exploit Author: B0UG | |
# Vendor Homepage: http://www.wunderfarm.com/ | |
# Software Link: https://en-gb.wordpress.org/plugins/wf-cookie-consent/ | |
# Version: Tested on version 1.1.3 (older versions may also be affected) | |
# Tested on: WordPress | |
# Category : Webapps | |
# CVE: CVE-2018-10371 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Exploit Title: Responsive Cookie Consent - Authenticated Persistent Cross-Site Scripting | |
# Date: 20/04/2018 | |
# Exploit Author: B0UG | |
# Vendor Homepage: http://www.jameskoussertari.co.uk/ | |
# Software Link: https://en-gb.wordpress.org/plugins/responsive-cookie-consent/ | |
# Version: Tested on version 1.5, 1.6 and 1.7 (older versions may also be affected) | |
# Tested on: WordPress | |
# Category : Webapps | |
# CVE: CVE-2018-10309 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Exploit Title: UK Cookie Consent - Authenticated Persistent Cross-Site Scripting | |
# Date: 22/04/2018 | |
# Exploit Author: B0UG | |
# Vendor Homepage: https://catapultthemes.com/ | |
# Software Link: https://en-gb.wordpress.org/plugins/uk-cookie-consent/#description | |
# Version: Tested on version 2.3.9 (older versions may also be affected) | |
# Tested on: WordPress | |
# Category : Webapps | |
# CVE: CVE-2018-10310 |