Skip to content
Klikki Oy
Search for:
X
Search for:
X

Tag: wordpress

Google Forms (WordPress plugin) SSRF vulnerability

Overview Google Forms is a WordPress plugin that can be used to embed forms from Google Docs. It has 20,000+ active install as

Read More

January 20, 2018February 3, 2023 klikki
security bug bounty, wordpress

Formidable Forms vulnerabilities

Overview Formidable Forms is a WordPress plugin with over 200,000 active installs. It is used for creating contact forms, polls, surveys, and other

Read More

November 13, 2017February 3, 2023 klikki
security bug bounty, wordpress

Lazy Load stored XSS

Overview Lazy Load is a WordPress plugin with over 90,000 active installs. It was developed by Automattic, TechCrunch, and 10up LLC. The

Read More

November 5, 2017February 3, 2023 klikki
security bug bounty, uber, wordpress

WP Engine security issues

Overview WP Engine is a managed WordPress hosting platform. When it comes to security, WP Engine seems to offer a lot of

Read More

October 19, 2017February 3, 2023 klikki
security bug bounty, uber, wordpress

PageLines Platform 1.1.4 CSRF vulnerability

Platform 4 by PageLines is a WordPress theme. During a bug bounty investigation, a CSRF-RCE vulnerability was found in the administrative functions of the

Read More

November 23, 2016February 3, 2023 klikki
security wordpress

W3 Total Cache SSRF vulnerability

W3 Total Cache is a caching plugin with more than a million active installs. Versions prior to 0.9.5 are vulnerable to a server

Read More

October 31, 2016February 3, 2023 klikki
security wordpress

WordPress Stream plugin stored XSS / remote code execution

June 29, 2016February 3, 2023 klikki
security bug bounty, uber, wordpress

Fluid Responsive Slideshow CSRF vulnerability

The Fluid Responsive Slideshow WordPress plugin was found vulnerable to a CSRF bug that could ultimately lead to server-side compromise. Additionally there was a

Read More

May 18, 2016February 3, 2023 klikki
security wordpress

All-in-One Event Calendar stored XSS and SQL injection

All-in One Event Calendar by Time.ly is a WordPress plugin with 100,000+ active installs according to statistics provided by WordPress. Two critical bugs

Read More

May 17, 2016February 3, 2023 klikki
security wordpress

MainWP admin panel unauthenticated stored XSS

MainWP is a WordPress remote administration plugin. Missing authorization checks on a setup panel allowed unauthenticated attackers to modify some of the MainWP

Read More

April 29, 2016February 3, 2023 klikki
security bug bounty, wordpress

Posts navigation

Older posts
  • media
  • security
  • Kiekko.tk
  • TyperA
Powered by WordPress

All rights reserved © Klikki Fast Press Theme by Seos Themes