Skip to content
Klikki Oy
Search for:
X
Search for:
X

Tag: bug bounty

MainWP admin panel unauthenticated stored XSS

MainWP is a WordPress remote administration plugin. Missing authorization checks on a setup panel allowed unauthenticated attackers to modify some of the MainWP

Read More

April 29, 2016February 3, 2023 klikki
security bug bounty, wordpress

Yahoo Mail stored XSS

A stored XSS vulnerability in Yahoo Mail was patched earlier this month. The flaw allowed malicious JavaScript code to be embedded in a specially

Read More

January 19, 2016February 3, 2023 klikki
security bug bounty, yahoo

WordPress core stored XSS

Overview A stored XSS vulnerability in WordPress allows an user with the posting capability to compromise the website. Under default configuration, the

Read More

July 24, 2015February 3, 2023 klikki
security bug bounty, wordpress

Google Analytics by Yoast stored XSS #2

Overview Google Analytics by Yoast is a WordPress plug-in for monitoring website traffic. With approximately seven million downloads it’s one of the most popular WordPress

Read More

April 20, 2015February 3, 2023 klikki
security bug bounty, wordpress

Adobe Flash double free and cross domain bypass

Adobe security update APSB15-06 addresses a “double free” vulnerability in the Flash Player Settings Manager. It’s a standalone program that can be launched programmatically

Read More

April 15, 2015February 3, 2023 klikki
security bug bounty

WPML vulnerabilities

Update March 13: Added vulnerability #4, unauthenticated administrative functions. Update April 12: Added vulnerability #5, reflected XSS via HTTP referer. March 19: See also Google Analytics

Read More

March 12, 2015February 3, 2023 klikki
security bug bounty, wordpress

Posts navigation

Newer posts
  • media
  • security
  • Kiekko.tk
  • TyperA
Powered by WordPress

All rights reserved © Klikki Fast Press Theme by Seos Themes