PageLines Platform 1.1.4 CSRF vulnerability
Platform 4 by PageLines is a WordPress theme. During a bug bounty investigation, a CSRF-RCE vulnerability was found in the administrative functions of the
W3 Total Cache is a caching plugin with more than a million active installs. Versions prior to 0.9.5 are vulnerable to a server
Uber OneLogin authentication bypass by Klikki was the most viewed vulnerability report of Q2 2016 on HackerOne
Uber Pays Researcher $10,000 for Critical Flaw (SecurityWeek); Uber Pays Researcher $10k for Login Bypass Exploit (Threatpost)
The Fluid Responsive Slideshow WordPress plugin was found vulnerable to a CSRF bug that could ultimately lead to server-side compromise. Additionally there was a
All-in-One Event Calendar by Time.ly is a WordPress plugin with 100,000+ active installs according to statistics provided by WordPress. Two critical bugs
MainWP is a WordPress remote administration plugin. Missing authorization checks on a setup panel allowed unauthenticated attackers to modify some of the MainWP
Yahoo Mail Patches Severe XSS Flaw Affecting 300M Users (Infosecurity Magazine); Critical Yahoo email flaw patched through bug bounty program (ZDNet); Suomalaismies
A stored XSS vulnerability in Yahoo Mail was patched earlier this month. The flaw allowed malicious JavaScript code to be embedded in a specially