Skip to content

Instantly share code, notes, and snippets.

@fs0c131y fs0c131y/CVE-2019-14365
Last active Nov 12, 2019

Embed
What would you like to do?
CVEID: CVE-2019-14365
NAME OF AFFECTED PRODUCT(S) AND VERSION(S): Intercom plugin through 1.2.1 for WordPress
PROBLEM TYPE: Insecure Permissions
DESCRIPTION: The Intercom plugin for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.)
CVEID: CVE-2019-14366
NAME OF AFFECTED PRODUCT(S) AND VERSION(S): wpslacksync through 1.8.5 for WordPress
PROBLEM TYPE: Insecure Permissions
DESCRIPTION: The wpslacksync for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.)
CVEID: CVE-2019-14367
NAME OF AFFECTED PRODUCT(S) AND VERSION(S): Slack-chat plugin through 1.5.5 for WordPress
PROBLEM TYPE: Insecure Permissions
DESCRIPTION: The Slack-chat plugin through 1.5.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.