Heine Pedersen

20 exploits Active since May 2012
CVE-2012-2917 EXPLOITDB text WORKING POC
WordPress Share and Follow <1.80.3 - XSS
Cross-site scripting (XSS) vulnerability in the Share and Follow plugin 1.80.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the CDN API Key (cnd-key) in a share-and-follow-menu page to wp-admin/admin.php.
EIP-2026-114038 EXPLOITDB text WORKING POC
WordPress Plugin Sharebar 1.2.1 - SQL Injection / Cross-Site Scripting
CVE-2012-6624 EXPLOITDB text WORKING POC
Mightymess Soundcloud IS Gold - XSS
Cross-site scripting (XSS) vulnerability in the SoundCloud Is Gold plugin 2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the width parameter in a soundcloud_is_gold_player_preview action to wp-admin/admin-ajax.php.
EIP-2026-114122 EXPLOITDB text WRITEUP
WordPress Plugin Track That Stat 1.0.8 - Cross-Site Scripting
CVE-2012-6622 EXPLOITDB text WORKING POC
Vasthtml Forumpress < 1.7.4 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) groupid parameter in an editgroup action or (2) usergroup_id parameter in an edit_usergroup action.
EIP-2026-113819 EXPLOITDB text WORKING POC
WordPress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
CVE-2012-2913 EXPLOITDB text WORKING POC
Leaflet plugin <0.0.1 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) leaflet_layer.php or (2) leaflet_marker.php, as reachable through wp-admin/admin.php.
CVE-2012-2913 EXPLOITDB text WRITEUP
Leaflet plugin <0.0.1 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) leaflet_layer.php or (2) leaflet_marker.php, as reachable through wp-admin/admin.php.
EIP-2026-113861 EXPLOITDB text WORKING POC
WordPress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-113885 EXPLOITDB text WORKING POC
WordPress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-113514 EXPLOITDB text WORKING POC
WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-113920 EXPLOITDB text WRITEUP
WordPress Plugin Network Publisher 5.0.1 - 'networkpub_key' Cross-Site Scripting
EIP-2026-113921 EXPLOITDB text WORKING POC
WordPress Plugin NewsLetter Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-113949 EXPLOITDB text WORKING POC
WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-113985 EXPLOITDB text WORKING POC
WordPress Plugin Pretty Link Lite 1.5.2 - SQL Injection / Cross-Site Scripting
EIP-2026-113895 EXPLOITDB text WORKING POC
WordPress Plugin Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-113622 EXPLOITDB text WORKING POC
WordPress Plugin CataBlog 1.6 - 'admin.php' Cross-Site Scripting
EIP-2026-113698 EXPLOITDB text WORKING POC
WordPress Plugin Dynamic Widgets 1.5.1 - 'themes.php' Cross-Site Scripting
EIP-2026-113782 EXPLOITDB text WORKING POC
WordPress Plugin GD Star Rating 1.9.16 - 'tpl_section' Cross-Site Scripting
EIP-2026-113802 EXPLOITDB text WRITEUP
WordPress Plugin GRAND Flash Album Gallery 1.71 - 'admin.php' Cross-Site Scripting