Skip to content

Instantly share code, notes, and snippets.

@fs0c131y

fs0c131y/CVE-2019-14365

Last active Nov 12, 2019
Embed
What would you like to do?
CVEID: CVE-2019-14365
NAME OF AFFECTED PRODUCT(S) AND VERSION(S): Intercom plugin through 1.2.1 for WordPress
PROBLEM TYPE: Insecure Permissions
DESCRIPTION: The Intercom plugin for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.)
CVEID: CVE-2019-14366
NAME OF AFFECTED PRODUCT(S) AND VERSION(S): wpslacksync through 1.8.5 for WordPress
PROBLEM TYPE: Insecure Permissions
DESCRIPTION: The wpslacksync for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.)
CVEID: CVE-2019-14367
NAME OF AFFECTED PRODUCT(S) AND VERSION(S): Slack-chat plugin through 1.5.5 for WordPress
PROBLEM TYPE: Insecure Permissions
DESCRIPTION: The Slack-chat plugin through 1.5.5 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack (channels, members, etc.)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment