what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from James Golovich

WordPress Core 6.3.1 XSS / DoS / Arbitrary Shortcode Execution

Posted Oct 13, 2023

Authored by James Golovich, Rafie Muhammad, WhiteCyberSec, Marc Montpas, Edouard L, s5s, JB Audras, Jorge Costa, raouf_maklouf, mascara7784 | Site wordfence.com

WordPress Core versions prior to 6.3.2 suffer from arbitrary shortcode execution, cross site scripting, denial of service, and information leakage vulnerabilities. Versions prior to 6.3.2 are vulnerable.

tags | exploit, denial of service, arbitrary, vulnerability, code execution, xss

SHA-256 | 2747a0842119425378a1378f7692a4eca0ef390a27497cfbb5b9ecd9e53c5e9f

Download | Favorite | View

WordPress Ninja Forms Unauthenticated File Upload

Posted May 27, 2016

Authored by Rob Carr, James Golovich | Site metasploit.com

Versions 2.9.36 to 2.9.42 of the Ninja Forms plugin contain an unauthenticated file upload vulnerability, allowing guests to upload arbitrary PHP code that can be executed in the context of the web server.

tags | exploit, web, arbitrary, php, file upload

advisories | CVE-2016-1209

SHA-256 | cc15398ab11d0e8cb5fd8ef9052046e7b29bea4c4d0c3133e418bc99ac79897b

Download | Favorite | View