Skip to content

Instantly share code, notes, and snippets.

@styks1987
Created June 15, 2018 02:22
Show Gist options
  • Save styks1987/a9339a9bb8f02a338919ab1a5ccd7818 to your computer and use it in GitHub Desktop.
Save styks1987/a9339a9bb8f02a338919ab1a5ccd7818 to your computer and use it in GitHub Desktop.
[!] Title: Visual Composer <= 4.7.3 - Multiple Unspecified Cross-Site Scripting (XSS)
Reference: https://wpvulndb.com/vulnerabilities/8208
Reference: http://codecanyon.net/item/visual-composer-page-builder-for-wordpress/242431
Reference: https://forums.envato.com/t/visual-composer-security-vulnerability-fix/10494/7
[i] Fixed in: 4.7.4
[!] Title: WordPress Slider Revolution Local File Disclosure
Reference: https://wpvulndb.com/vulnerabilities/7540
Reference: http://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html
Reference: http://packetstormsecurity.com/files/129761/
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1579
Reference: https://www.exploit-db.com/exploits/34511/
Reference: https://www.exploit-db.com/exploits/36039/
[i] Fixed in: 4.1.5
[!] Title: WordPress Slider Revolution Shell Upload
Reference: https://wpvulndb.com/vulnerabilities/7954
Reference: https://whatisgon.wordpress.com/2014/11/30/another-revslider-vulnerability/
Reference: https://www.rapid7.com/db/modules/exploit/unix/webapp/wp_revslider_upload_execute
Reference: https://www.exploit-db.com/exploits/35385/
[i] Fixed in: 3.0.96
\
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment