B0UG - Security Researcher - Exploit Intelligence Platform

CVE-2018-10371 EXPLOITDB MEDIUM text WRITEUP

WF Cookie Consent <1.1.3 - XSS

An issue was discovered in the wunderfarm WF Cookie Consent plugin 1.1.3 for WordPress. A persistent cross-site scripting vulnerability has been identified in the web interface of the plugin that allows the execution of arbitrary HTML/script code to be executed in a victim's web browser via a page title.

CVSS 6.1

View Code

CVE-2018-20556 EXPLOITDB HIGH text WRITEUP

Booking Calendar - SQL Injection

SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id parameter.

CVSS 8.8

View Code

CVE-2018-10309 EXPLOITDB MEDIUM text WRITEUP

Responsive Cookie Consent <1.8 - XSS

The Responsive Cookie Consent plugin before 1.8 for WordPress mishandles number fields, leading to XSS.

CVSS 5.4

View Code

CVE-2018-10310 EXPLOITDB MEDIUM text WRITEUP

Catapult UK Cookie Consent <2.3.10 - XSS

A persistent cross-site scripting vulnerability has been identified in the web interface of the Catapult UK Cookie Consent plugin before 2.3.10 for WordPress that allows the execution of arbitrary HTML/script code in the context of a victim's browser.

CVSS 5.4

View Code