[FD] Cross-Site Scripting vulnerability in ColorWay WordPress Theme

2016-07-26 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_colorway_wordpress_theme.html Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its goal

[FD] Cross-Site Scripting in Code Snippets WordPress Plugin

2016-07-24 Thread Summer of Pwnage
/cross_site_scripting_in_code_snippets_wordpress_plugin.html Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its goal is to contribute to the security of popular, widely used OSS projects in a fun and educational way

[FD] Cross-Site Scripting in Contact Form to Email WordPress Plugin

2016-07-24 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_contact_form_to_email_wordpress_plugin.html

[FD] Cross-Site Scripting in Contact Bank WordPress Plugin

2016-08-01 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_contact_bank_wordpress_plugin.html

[FD] SQL injection vulnerability in Booking Calendar WordPress Plugin

2016-08-01 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/sql_injection_vulnerability_in_booking_calendar_wordpress_plugin.html

[FD] Stored Cross-Site Scripting vulnerability in WP Live Chat Support WordPress Plugin

2016-08-01 Thread Summer of Pwnage
ails https://sumofpwn.nl/advisory/2016/stored_cross_site_scripting_vulnerability_in_wp_live_chat_support_wordpress_plugin.html

[FD] Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP

2016-07-31 Thread Summer of Pwnage
ails https://sumofpwn.nl/advisory/2016/insert_php_wordpress_plugin_allows_authenticated_user_to_execute_arbitrary_php.html

[FD] Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA

2016-07-31 Thread Summer of Pwnage
nl/advisory/2016/multiple_vulnerabilities_in_all_in_one_wp_security___firewall_plugin_login_captcha.html

[FD] Stored Cross-Site Scripting vulnerability in Easy Testimonials WordPress Plugin

2016-07-31 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/stored_cross_site_scripting_vulnerability_in_easy_testimonials_wordpress_plugin.html

[FD] Cross-Site Scripting vulnerability in search function Activity Log WordPress Plugin

2016-08-03 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_search_function_activity_log_wordpress_plugin.html

[FD] Cross-Site Scripting in WordPress Landing Pages Plugin

2016-08-03 Thread Summer of Pwnage
/2016/cross_site_scripting_in_wordpress_landing_pages_plugin.html

[FD] Cross-Site Scripting vulnerability in Google Forms WordPress Plugin

2016-07-13 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_google_forms_wordpress_plugin.html

[FD] Cross-Site Scripting vulnerability in Top 10 - Popular posts plugin for WordPress

2016-07-13 Thread Summer of Pwnage

[FD] Cross-Site Scripting vulnerability in Simple Membership WordPress Plugin

2016-07-13 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_simple_membership_wordpress_plugin.html

[FD] Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress Plugin

2016-07-19 Thread Summer of Pwnage
://sumofpwn.nl/advisory/2016/multiple_cross_site_scripting_vulnerabilities_in_ninja_forms_wordpress_plugin.html

[FD] Cross-Site Request Forgery in Icegram WordPress Plugin

2016-07-19 Thread Summer of Pwnage
sory/2016/cross_site_request_forgery_in_icegram_wordpress_plugin.html

[FD] Multiple SQL injection vulnerabilities in WordPress Video Player

2016-07-19 Thread Summer of Pwnage
n.nl/advisory/2016/multiple_sql_injection_vulnerabilities_in_wordpress_video_player.html

[FD] Cross-Site Scripting vulnerability in Paid Memberships Pro WordPress Plugin

2016-07-20 Thread Summer of Pwnage

[FD] Persistent Cross-Site Scripting in WordPress Activity Log plugin

2016-07-11 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_wordpress_activity_log_plugin.html

[FD] Cross-Site Scripting vulnerability in Master Slider WordPress Plugin

2016-07-12 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_master_slider_wordpress_plugin.html

[FD] Cross-Site Scripting vulnerability in Profile Builder WordPress Plugin

2016-07-12 Thread Summer of Pwnage

[FD] WP Fastest Cache Member Local File Inclusion vulnerability

2016-07-12 Thread Summer of Pwnage
://sumofpwn.nl/advisory/2016/wp_fastest_cache_member_local_file_inclusion_vulnerability.html

[FD] Easy Forms for MailChimp Local File Inclusion vulnerability

2016-07-12 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/easy_forms_for_mailchimp_local_file_inclusion_vulnerability.html

[FD] Persistent Cross-Site Scripting in All in One SEO Pack WordPress Plugin

2016-07-10 Thread Summer of Pwnage
Persistent Cross-Site Scripting in All in One SEO Pack WordPress Plugin David Vaartjes, July 2016

[FD] Ultimate Member Local File Inclusion vulnerability

2016-07-10 Thread Summer of Pwnage
Ultimate Member Local File Inclusion vulnerability Burak Kelebek, July 2016

[FD] Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP Object injection vulnerability

2016-08-05 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/ecwid_ecommerce_shopping_cart_wordpress_plugin_unauthenticated_php_object_injection_vulnerability.html

[FD] Cross-Site Scripting vulnerability in Events Made Easy WordPress plugin

2016-08-04 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_events_made_easy_wordpress_plugin.html

[FD] Cross-Site Scripting in FormBuilder WordPress Plugin

2016-08-04 Thread Summer of Pwnage

[FD] Cross-Site Request Forgery vulnerability in Add From Server WordPress Plugin

2016-08-08 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_vulnerability_in_add_from_server_wordpress_plugin.html

[FD] Cross-Site Scripting in WangGuard WordPress Plugin

2016-08-02 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_wangguard_wordpress_plugin.html

[FD] Cross-Site Scripting in Uji Countdown WordPress Plugin

2016-08-02 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_uji_countdown_wordpress_plugin.html

[FD] Cross-Site Scripting vulnerability in Google Maps WordPress Plugin

2016-08-15 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_google_maps_wordpress_plugin.html

[FD] Ajax Load More Local File Inclusion vulnerability

2016-08-15 Thread Summer of Pwnage
/advisory/2016/ajax_load_more_local_file_inclusion_vulnerability.html

[FD] Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows deleting of images

2016-08-15 Thread Summer of Pwnage
/cross_site_request_forgery_in_photo_gallery_wordpress_plugin_allows_deleting_of_images.html

[FD] Cross-Site Request Forgery in Photo Gallery WordPress Plugin allows deleting of galleries

2016-08-15 Thread Summer of Pwnage
/cross_site_request_forgery_in_photo_gallery_wordpress_plugin_allows_deleting_of_galleries.html

[FD] Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin

2016-08-15 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_magic_fields_2_wordpress_plugin.html

[FD] Cross-Site Request Forgery vulnerability in Email Users WordPress Plugin

2016-08-15 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_vulnerability_in_email_users_wordpress_plugin.html

[FD] Cross-Site Scripting/Cross-Site Request Forgery in Peter's Login Redirect WordPress Plugin

2016-08-15 Thread Summer of Pwnage
/cross_site_scripting_cross_site_request_forgery_in_peter_s_login_redirect_wordpress_plugin.html

[FD] Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin

2016-08-15 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_magic_fields_1_wordpress_plugin.html

[FD] Persistent Cross-Site Scripting vulnerability in User Access Manager WordPress Plugin

2017-01-28 Thread Summer of Pwnage

[FD] Cross-Site Request Forgery vulnerability in FormBuilder WordPress Plugin allows plugin permissions modification

2017-01-28 Thread Summer of Pwnage
/cross_site_request_forgery_vulnerability_in_formbuilder_wordpress_plugin_allows_plugin_permissions_modification.html

[FD] Multiple blind SQL injection vulnerabilities in FormBuilder WordPress Plugin

2017-01-28 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/multiple_blind_sql_injection_vulnerabilities_in_formbuilder_wordpress_plugin.html

[FD] Cross-Site Scripting vulnerability in Trust Form WordPress Plugin

2017-02-28 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_trust_form_wordpress_plugin.html

[FD] Persistent Cross-Site Scripting in the WordPress NewStatPress plugin

2017-02-28 Thread Summer of Pwnage
Details https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_the_wordpress_newstatpress_plugin.html

[FD] Cross-Site Scripting vulnerability in WP-Filebase Download Manager WordPress Plugin

2017-02-28 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_wp_filebase_download_manager_wordpress_plugin.html

[FD] Cross-Site Scripting vulnerability in Tribulant Slideshow Galleries WordPress Plugin

2017-02-28 Thread Summer of Pwnage

[FD] Cross-Site Scripting vulnerability in WP-SpamFree Anti-Spam WordPress Plugin

2017-02-28 Thread Summer of Pwnage

[FD] Simple Ads Manager WordPress plugin unauthenticated PHP Object injection vulnerability

2017-02-28 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/simple_ads_manager_wordpress_plugin_unauthenticated_php_object_injection_vulnerability.html

[FD] Cross-Site Request Forgery in WordPress Download Manager Plugin

2017-02-28 Thread Summer of Pwnage

[FD] Cross-Site Scripting in Magic Fields 1 WordPress Plugin

2017-02-28 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_magic_fields_1_wordpress_plugin.html

[FD] Cross-Site Scripting in Google Analytics Dashboard WordPress Plugin

2017-02-28 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_google_analytics_dashboard_wordpress_plugin.html

[FD] Cross-Site Scripting in Alpine PhotoTile for Instagram WordPress Plugin

2017-02-28 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_alpine_phototile_for_instagram_wordpress_plugin.html

[FD] VaultPress - Remote Code Execution via Man in The Middle attack

2017-02-28 Thread Summer of Pwnage

[FD] WordPress Adminer plugin allows public (local) database login

2017-02-28 Thread Summer of Pwnage

[FD] Stored Cross-Site Scripting vulnerability in Contact Form WordPress Plugin

2017-02-28 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/stored_cross_site_scripting_vulnerability_in_contact_form_wordpress_plugin.html

[FD] Analytics Stats Counter Statistics WordPress Plugin unauthenticated PHP Object injection vulnerability

2017-02-28 Thread Summer of Pwnage
://sumofpwn.nl/advisory/2016/analytics_stats_counter_statistics_wordpress_plugin_unauthenticated_php_object_injection_vulnerability.html

[FD] Cross-Site Request Forgery in File Manager WordPress plugin

2017-02-28 Thread Summer of Pwnage

[FD] Cross-Site Request Forgery in Atahualpa WordPress Theme

2017-02-28 Thread Summer of Pwnage

[FD] Admin Custom Login WordPress plugin affected by persistent Cross-Site Scripting via Logo URL field

2017-02-28 Thread Summer of Pwnage
Admin Custom Login WordPress plugin affected by persistent Cross-Site Scripting via Logo URL field Burak Kelebek, July 2016

[FD] Cross-Site Scripting vulnerability in Gwolle Guestbook WordPress Plugin

2017-02-28 Thread Summer of Pwnage
/cross_site_scripting_vulnerability_in_gwolle_guestbook_wordpress_plugin.html

[FD] Gwolle Guestbook mass action vulnerable for Cross-Site Request Forgery

2017-02-28 Thread Summer of Pwnage

[FD] Reflected Cross-Site Scripting vulnerability in MailPoet Newsletters plugin

2016-09-10 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/reflected_cross_site_scripting_vulnerability_in_mailpoet_newsletters_plugin.html

[FD] Stored Cross-Site Scripting vulnerability in 404 to 301 WordPress Plugin

2016-11-08 Thread Summer of Pwnage
://sumofpwn.nl/advisory/2016/stored_cross_site_scripting_vulnerability_in_404_to_301_wordpress_plugin.html

[FD] Cross-Site Scripting in Calendar WordPress Plugin

2016-11-08 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_calendar_wordpress_plugin.html

[FD] YITH WooCommerce Compare WordPress Plugin unauthenticated PHP Object injection vulnerability

2016-11-08 Thread Summer of Pwnage
/advisory/2016/yith_woocommerce_compare_wordpress_plugin_unauthenticated_php_object_injection_vulnerability.html

[FD] Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin

2016-11-08 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_quotes_collection_wordpress_plugin.html

[FD] Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin

2016-11-08 Thread Summer of Pwnage
://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_wassup_real_time_analytics_wordpress_plugin.html

[FD] Cross-Site Scripting vulnerability in Caldera Forms WordPress Plugin

2016-11-08 Thread Summer of Pwnage

[FD] Persistent Cross-Site Scripting in WP Google Maps Plugin via CSRF

2016-11-10 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_wp_google_maps_plugin_via_csrf.html

[FD] Weak validation of Amazon SNS push messages in W3 Total Cache WordPress Plugin

2016-11-10 Thread Summer of Pwnage
/weak_validation_of_amazon_sns_push_messages_in_w3_total_cache_wordpress_plugin.html

[FD] Information disclosure race condition in W3 Total Cache WordPress Plugin

2016-11-10 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/information_disclosure_race_condition_in_w3_total_cache_wordpress_plugin.html

[FD] Reflected Cross-Site Scripting vulnerability in W3 Total Cache plugin

2016-11-10 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/reflected_cross_site_scripting_vulnerability_in_w3_total_cache_plugin.html

[FD] Stored Cross-Site Scripting in Gallery - Image Gallery WordPress Plugin

2016-11-23 Thread Summer of Pwnage

[FD] Cross-Site Scripting in All In One WP Security & Firewall WordPress Plugin

2016-11-16 Thread Summer of Pwnage
ress_plugin.html

[FD] Persistent Cross-Site Scripting in Instagram Feed plugin via CSRF

2016-11-19 Thread Summer of Pwnage
. Details https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_in_instagram_feed_plugin_via_csrf.html

[FD] Cross-Site Scripting in Check Email WordPress Plugin

2016-11-19 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_check_email_wordpress_plugin.html

[FD] Cross-Site Scripting in Huge IT Portfolio Gallery WordPress Plugin

2016-11-19 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_huge_it_portfolio_gallery_wordpress_plugin.html

Re: [FD] Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin

2016-11-20 Thread Summer of Pwnage
Hi Larry, The entire advisories are posted to the oss-security mailing list. Cheers, Team Summer of Pwnage On 19-11-16 15:13, Larry W. Cashdollar wrote: Hello All, These are really great advisories, my only wish is that they were copied to the security lists in their entirety. This way

[FD] Google Analytics Counter Tracker WordPress Plugin unauthenticed PHP Object injection vulnerability

2016-12-11 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/google_analytics_counter_tracker_wordpress_plugin_unauthenticed_php_object_injection_vulnerability.html

[FD] Cross-Site Request Forgery in WordPress Connection Information

2017-04-20 Thread Summer of Pwnage

[FD] Cross-Site Request Forgery in WordPress Press This function allows DoS

2017-03-06 Thread Summer of Pwnage

[FD] WordPress audio playlist functionality is affected by Cross-Site Scripting

2017-03-06 Thread Summer of Pwnage
/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html

[FD] Admin Custom Login WordPress plugin custom login page affected by persistent Cross-Site Scripting

2017-02-28 Thread Summer of Pwnage
/admin_custom_login_wordpress_plugin_custom_login_page_affected_by_persistent_cross_site_scripting.html

[FD] Cross-Site Request Forgery in Global Content Blocks WordPress Plugin

2017-02-28 Thread Summer of Pwnage
://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_global_content_blocks_wordpress_plugin.html

[FD] Cross-Site Scripting in Atahualpa WordPress Theme

2017-02-28 Thread Summer of Pwnage
https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_atahualpa_wordpress_theme.html

Re: [FD] Cross-Site Request Forgery in WordPress Connection Information

2017-05-17 Thread Summer of Pwnage
This issue is resolved in WordPress version 4.7.5. https://wordpress.org/news/2017/05/wordpress-4-7-5/ On 21-04-17 00:29, Summer of Pwnage wrote: Cross-Site Request Forgery in WordPress Connection Information

[FD] Multiple vulnerabilities in VTech DigiGo allow browser overlay attack

2018-01-13 Thread Summer of Pwnage via Fulldisclosure
Multiple vulnerabilities in VTech DigiGo allow browser overlay attack Sipke Mellema, September 2017

[FD] Seagate Media Server allows deleting of arbitrary files and folders

2018-01-13 Thread Summer of Pwnage via Fulldisclosure
Seagate Media Server allows deleting of arbitrary files and folders Yorick Koster, September 2017

[FD] Broken TLS certificate validation in VTech DigiGo browser

2018-01-13 Thread Summer of Pwnage via Fulldisclosure
Broken TLS certificate validation in VTech DigiGo browser Sipke Mellema, September 2017

[FD] Broken TLS certificate pinning in VTech DigiGo Kid Connect app

2018-01-13 Thread Summer of Pwnage via Fulldisclosure
Broken TLS certificate pinning in VTech DigiGo Kid Connect app Sipke Mellema, September 2017

[FD] Seagate Media Server multiple SQL injection vulnerabilities

2018-08-22 Thread Summer of Pwnage via Fulldisclosure
Seagate Media Server multiple SQL injection vulnerabilities Yorick Koster, September 2017

[FD] Seagate Media Server stored Cross-Site Scripting vulnerability

2018-04-19 Thread Summer of Pwnage via Fulldisclosure
Seagate Media Server stored Cross-Site Scripting vulnerability Yorick Koster, September 2017

[FD] Seagate Media Server path traversal vulnerability

2018-04-19 Thread Summer of Pwnage via Fulldisclosure
Seagate Media Server path traversal vulnerability Yorick Koster, September 2017

[FD] Seagate Personal Cloud allows moving of arbitrary files

2018-04-19 Thread Summer of Pwnage via Fulldisclosure
Seagate Personal Cloud allows moving of arbitrary files Yorick Koster, September 2017

[FD] Seagate Personal Cloud multiple information disclosure vulnerabilities

2018-09-12 Thread Summer of Pwnage via Fulldisclosure
Seagate Personal Cloud multiple information disclosure vulnerabilities Yorick Koster, September 2017