Colette Chamberland

7 exploits. Active since Nov 2017.
CVE-2016-10997 EXPLOITDB MEDIUM text WORKING POC
Yourinspirationweb Beauty-premium - CSRF
The beauty-premium theme 1.0.8 for WordPress has CSRF with resultant arbitrary file upload in includes/sendmail.php.
CVSS 6.5
CVE-2017-16562 EXPLOITDB CRITICAL text WRITEUP
UserPro plugin <4.9.17.1 - Auth Bypass
The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username, allows remote attackers to bypass authentication and obtain administrative access via a "true" value for the up_auto_log parameter in the QUERY_STRING to the default URI.
CVSS 9.8
CVE-2018-8719 EXPLOITDB MEDIUM text WRITEUP
WP Security Audit Log <3.1.1 - Info Disclosure
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. These files are indexed by Google, for example, which allows attackers to find sensitive information in them.
CVSS 5.3
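Both of the two preceding entries leave a clear trace in a web server access log: the UserPro bypass needs up_auto_log=true in the query string, and the WP Security Audit Log issue shows up as direct fetches of files under wp-content/uploads/wp-security-audit-log/. The detection below is an added example, not code from either advisory or plugin. The log lines are constructed in Apache combined format, the IP addresses are documentation ranges, the file name example.log is made up, and the indicator names are assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample traffic in Apache combined log format (not captured from a real site).
SAMPLE_LOG = """\
203.0.113.10 - - [12/Nov/2017:10:01:02 +0000] "GET /?up_auto_log=true HTTP/1.1" 302 0 "-" "curl/7.55.1"
203.0.113.10 - - [12/Nov/2017:10:01:03 +0000] "GET /wp-admin/ HTTP/1.1" 200 5120 "-" "curl/7.55.1"
198.51.100.7 - - [12/Nov/2017:10:05:00 +0000] "GET /wp-content/uploads/wp-security-audit-log/example.log HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
192.0.2.5 - - [12/Nov/2017:10:06:00 +0000] "GET /blog/?p=12&up_auto_log=false HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Directory named in CVE-2018-8719; served directly when the plugin does not restrict it.
AUDIT_LOG_DIR = "/wp-content/uploads/wp-security-audit-log/"


def classify(target):
    """Return an indicator name for one request target, or None if it is uninteresting."""
    parts = urlsplit(target)
    query = parse_qs(parts.query, keep_blank_values=True)
    # CVE-2017-16562: UserPro auto-login is triggered by up_auto_log=true in the query string.
    # The advisory names the default URI; checking every path costs nothing and catches variants.
    if any(v.lower() == "true" for v in query.get("up_auto_log", [])):
        return "userpro_auto_login"
    # CVE-2018-8719: a client pulling audit-log files straight out of the uploads directory.
    if parts.path.startswith(AUDIT_LOG_DIR):
        return "wsal_log_download"
    return None


def find_indicators(log_text):
    """Parse every line and return the requests that match one of the two indicators."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed or non-combined line; skipped rather than guessed at
        kind = classify(m["target"])
        if kind:
            hits.append({"ip": m["ip"], "ts": m["ts"], "indicator": kind,
                         "target": m["target"], "status": int(m["status"])})
    return hits


if __name__ == "__main__":
    for h in find_indicators(SAMPLE_LOG):
        print(f'{h["ts"]} {h["ip"]} {h["indicator"]} {h["target"]} {h["status"]}')
```

A 302 on the up_auto_log request followed by a 200 on /wp-admin/ from the same client, as in the sample, is the sequence to look for when confirming that the bypass actually succeeded; the follow-on request itself is ordinary and is deliberately not flagged.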
EIP-2026-113700 EXPLOITDB text WORKING POC
WordPress Plugin DZS Videogallery < 8.60 - Multiple Vulnerabilities
CVE-2018-9118 EXPLOITDB HIGH text WORKING POC
99robots WP Background Takeover Advertisements - Path Traversal
exports/download.php in the 99 Robots WP Background Takeover Advertisements plugin before 4.1.5 for WordPress has Directory Traversal via a .. in the filename parameter.
CVSS 7.5
EIP-2026-113593 EXPLOITDB text WORKING POC
WordPress Plugin Best Web Soft Captcha 4.1.5 - Multiple Vulnerabilities
CVE-2017-16949 EXPLOITDB CRITICAL text WORKING POC
AccessKeys AccessPress Anonymous Post Pro <=3.1.9 - Code Injection
An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and file-uploader/file-uploader-class.php. This allows the attacker to upload anything they want to the server, as demonstrated by an action=ap_file_upload_action&allowedExtensions[]=php request to /wp-admin/admin-ajax.php that results in a .php file upload and resultant PHP code execution.
CVSS 9.8
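The root cause above is an upload handler that lets the request body redefine its own policy through allowedExtensions[]. The Python below is an added example, not the plugin's PHP, that reproduces that decision logic beside a version where the allow-list and size limit exist only on the server. The extension set and 2 MiB limit are assumed values for illustration; the query string is the one the advisory describes.

```python
from urllib.parse import parse_qs

# Server-side policy (hypothetical values; the plugin's real defaults are not reproduced here).
SERVER_ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "pdf"}
SERVER_MAX_SIZE = 2 * 1024 * 1024


def _ext(filename):
    """Last dotted component of the name, lower-cased; empty if there is none."""
    return filename.rsplit(".", 1)[-1].lower() if "." in filename else ""


def vulnerable_check(query_string, filename, size):
    """Bug pattern from the advisory: allowedExtensions[] sent by the client replaces the
    configured allow-list, so action=ap_file_upload_action&allowedExtensions[]=php lets a
    .php file through."""
    params = parse_qs(query_string)
    client_allowed = {e.lower() for e in params.get("allowedExtensions[]", [])}
    allowed = client_allowed or SERVER_ALLOWED_EXTENSIONS
    return _ext(filename) in allowed and size <= SERVER_MAX_SIZE


def safe_check(query_string, filename, size):
    """Policy comes only from server configuration; the query string is never consulted for it."""
    del query_string  # deliberately ignored
    name = filename.rsplit("/", 1)[-1].lower()  # drop any directory component
    parts = name.split(".")
    if len(parts) < 2 or not parts[0]:
        return False  # no extension, or a dot-file
    # Every extension in a multi-extension name must be allowed, so shell.php.jpg is refused too.
    if not all(p in SERVER_ALLOWED_EXTENSIONS for p in parts[1:]):
        return False
    return 0 < size <= SERVER_MAX_SIZE


if __name__ == "__main__":
    q = "action=ap_file_upload_action&allowedExtensions[]=php"
    print("vulnerable accepts shell.php:", vulnerable_check(q, "shell.php", 100))
    print("hardened accepts shell.php:", safe_check(q, "shell.php", 100))
```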