Gianluca Brindisi

5 exploits Active since Oct 2012
CVE-2012-5349 EXPLOITDB text WRITEUP
Pay With Tweet < 1.1 - Cross-Site Scripting via Link, Title, or DL Parameter
Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3) dl parameter.
EIP-2026-114132 EXPLOITDB text WRITEUP
WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting
CVE-2012-6499 EXPLOITDB text WRITEUP
Age Verification < 0.4 - Open Redirect via redirect_to Parameter
Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_to parameter.
CVE-2012-6499 EXPLOITDB text WORKING POC
Age Verification < 0.4 - Open Redirect via redirect_to Parameter
Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_to parameter.
CVE-2012-5350 EXPLOITDB text WRITEUP
Pay With Tweet <1.2 - SQL Injection
SQL injection vulnerability in the Pay With Tweet plugin before 1.2 for WordPress allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the id parameter in a paywithtweet shortcode.