Author: Cyberthreat Blog

There is CSRF in the CopySafe Web Protection plugin before 2.6 for WordPress, allowing attackers to change plugin settings.

XSS exists in Easy WP SMTP (before 1.2.5), a WordPress Plugin, via the e-mail subject or body.

Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin’s cookie and other information by composing a new entry as an editor user. This is related to lack of the serendipity_event_xsstrust plugin and a...

There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing attackers to delete any WordPress users and change the plugin’s status via a GET request.

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming...