dxw

8 exploits Active since Jul 2014
CVE-2014-4717 EXPLOITDB text WORKING POC
WordPress Simple Share Buttons Adder <4.5 - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba_share_text parameter in a save action to wp-admin/options-general.php, which is not properly handled in the homepage, and unspecified vectors related to (2) Pages, (3) Posts, (4) Category/Archive pages or (5) post Excerpts.
EIP-2026-114241 EXPLOITDB text WORKING POC
WordPress Plugin WP Symposium 15.1 - Blind SQL Injection
CVE-2014-6312 EXPLOITDB text WORKING POC
WordPress <3.2.1 - CSRF
Cross-site request forgery (CSRF) vulnerability in the Login Widget With Shortcode (login-sidebar-widget) plugin before 3.2.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the custom_style_afo parameter on the login_widget_afo page to wp-admin/options-general.php.
EIP-2026-113891 EXPLOITDB html WORKING POC
WordPress Plugin Metronet Tag Manager 1.2.7 - Cross-Site Request Forgery
EIP-2026-113754 EXPLOITDB html WORKING POC
WordPress Plugin Firewall 2 1.3 - Cross-Site Request Forgery / Cross-Site Scripting
EIP-2026-113994 EXPLOITDB html WORKING POC
WordPress Plugin Quiz And Survey Master 4.5.4/4.7.8 - Cross-Site Request Forgery
EIP-2026-113912 EXPLOITDB html WORKING POC
WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery
EIP-2026-113755 EXPLOITDB html WORKING POC
WordPress Plugin Firewall 2 1.3 - Cross-Site Request Forgery / Cross-Site Scripting