The Martian

6 exploits Active since Mar 2017
CVE-2017-6104 EXPLOITDB HIGH python WORKING POC
Zen Mobile App Native < 3.0 - Authentication Bypass
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
CVSS 7.5
CVE-2017-1002002 EXPLOITDB CRITICAL python WORKING POC
WordPress Plugin Webapp-Builder v2.0 - Info Disclosure
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
CVSS 9.8
CVE-2017-1002001 EXPLOITDB CRITICAL python WORKING POC
WordPress Plugin Mobile-App-Build By Wappress <1.05 - Info Disclosure
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
CVSS 9.8
CVE-2017-1002000 EXPLOITDB CRITICAL python WORKING POC
Mobile-friendly-app-builder-by-easytouch - Unrestricted File Upload
Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.
CVSS 9.8
CVE-2017-1002008 EXPLOITDB CRITICAL python WORKING POC
Membership Simplified - Unrestricted File Upload
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
CVSS 9.8
CVE-2017-1002003 EXPLOITDB CRITICAL python WORKING POC
Wp2android-turn-wp-site-into-android-app - Unrestricted File Upload
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
CVSS 9.8