oss-sec mailing list archives
Multiple vulnerabilities affecting three WordPress Plugins (XSS, info disclosure & DoS)
From: Summer of Pwnage <lists () securify nl>
Date: Thu, 10 Nov 2016 19:18:56 +0100
Please see attached advisories for more information. These issues were found during Summer of Pwnage (https://sumofpwn.nl), a Dutch community project. Its goal is to contribute to the security of popular, widely used OSS projects in a fun and educational way.
Attachment:
information_disclosure_race_condition_in_w3_total_cache_wordpress_plugin.txt
Description:
Attachment:
persistent_cross_site_scripting_in_wp_google_maps_plugin_via_csrf.txt
Description:
Attachment:
reflected_cross_site_scripting_vulnerability_in_w3_total_cache_plugin.txt
Description:
Attachment:
stored_cross_site_scripting_vulnerability_in_404_to_301_wordpress_plugin.txt
Description:
Attachment:
weak_validation_of_amazon_sns_push_messages_in_w3_total_cache_wordpress_plugin.txt
Description:
Current thread:
- Multiple vulnerabilities affecting three WordPress Plugins (XSS, info disclosure & DoS) Summer of Pwnage (Nov 10)