Aditya Balapure

3 exploits Active since Dec 2012
CVE-2012-6313 EXPLOITDB text WRITEUP
Simple Gmail Login < 1.1.4 - Unauthenticated Sensitive Information Exposure via Missing Timezone Parameter
simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 for WordPress allows remote attackers to obtain sensitive information via a request that lacks a timezone, leading to disclosure of the installation path in a stack trace.
CVE-2013-2501 EXPLOITDB text WORKING POC
terillion_reviews_plugin < 1.1 - Cross-Site Scripting via ProfileId Field
Cross-site scripting (XSS) vulnerability in the Terillion Reviews plugin before 1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ProfileId field.
CVE-2012-6312 EXPLOITDB text WORKING POC
Video Lead Form plugin for WordPress - Cross-Site Scripting via errMsg Parameter
Cross-site scripting (XSS) vulnerability in the Video Lead Form plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter in a video-lead-form action to wp-admin/admin.php.