1729 lines
48 KiB
XML
1729 lines
48 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<vulnerabilities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:noNamespaceSchemaLocation="vuln.xsd">
|
|
|
|
<theme name="crius">
|
|
<vulnerability>
|
|
<title>VideoJS Cross-Site Scripting Vulnerability</title>
|
|
<references>
|
|
<secunia>53427</secunia>
|
|
<url>http://seclists.org/fulldisclosure/2013/May/77</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="source">
|
|
<vulnerability>
|
|
<title>VideoJS Cross-Site Scripting Vulnerability</title>
|
|
<references>
|
|
<secunia>53457</secunia>
|
|
<url>http://seclists.org/fulldisclosure/2013/May/77</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="i-love-it">
|
|
<vulnerability>
|
|
<title>VideoJS Cross-Site Scripting Vulnerability</title>
|
|
<references>
|
|
<secunia>53548</secunia>
|
|
<url>http://seclists.org/fulldisclosure/2013/May/77</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="smartstart">
|
|
<vulnerability>
|
|
<title>VideoJS Cross-Site Scripting Vulnerability</title>
|
|
<references>
|
|
<secunia>53460</secunia>
|
|
<url>http://seclists.org/fulldisclosure/2013/May/77</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="covertvideopress">
|
|
<vulnerability>
|
|
<title>VideoJS Cross-Site Scripting Vulnerability</title>
|
|
<references>
|
|
<secunia>53494</secunia>
|
|
<url>http://seclists.org/fulldisclosure/2013/May/77</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="photolio">
|
|
<vulnerability>
|
|
<title>VideoJS Cross-Site Scripting Vulnerability</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/May/77</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="onepagewebsite">
|
|
<vulnerability>
|
|
<title>onepagewebsite Full Path Disclosure vulnerability</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20027</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="vithy">
|
|
<vulnerability>
|
|
<title>vithy Full Path Disclosure vulnerability</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20040</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="appius">
|
|
<vulnerability>
|
|
<title>appius Full Path Disclosure vulnerability</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20039</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="yvora">
|
|
<vulnerability>
|
|
<title>yvora Full Path Disclosure vulnerability</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20038</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="shotzz">
|
|
<vulnerability>
|
|
<title>shotzz Full Path Disclosure vulnerability</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20041</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="moneymasters">
|
|
<vulnerability>
|
|
<title>moneymasters Full Path Disclosure vulnerability</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20077</url>
|
|
</references>
|
|
<type>FPD</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>moneymasters File Upload Vulnerability (metasploit)</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20076</url>
|
|
</references>
|
|
<type>UPLOAD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="ovum">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in Imediapixel premium WordPress themes</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="avanix">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in Imediapixel premium WordPress themes</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="ebiz">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in Imediapixel premium WordPress themes</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="ecobiz">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in Imediapixel premium WordPress themes</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-imediapixel.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="traject">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in Parallelus premium WordPress themes</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="intersect">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in Parallelus premium WordPress themes</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="salutation">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in Parallelus premium WordPress themes</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="unite">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in Parallelus premium WordPress themes</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/10/xss-vulnerability-in-parallelus-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="shapeless">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="brisk">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="blaze">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="eunice">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="explicit">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="essence">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="paramount">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="picturefactory">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="sparky">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="theagency">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="konzept">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="daisho">
|
|
<vulnerability>
|
|
<title>XSS vulnerability in multiple premium WordPress themes by Flow/Devatic</title>
|
|
<references>
|
|
<url>http://jannefi.blogspot.fi/2012/09/xss-vulnerability-in-multiple-premium.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="wise">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="webfolio">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="colorbold">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="rockwell">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="xmas">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="designpile">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="alltuts">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="boldy">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="simplo">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="diary">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="journalcrunch">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="prosume">
|
|
<vulnerability>
|
|
<title>Site5 Wordpress Themes Email Spoofing</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/114750/</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="famous">
|
|
<vulnerability>
|
|
<title>WordPress Famous Theme 2.0.5 Shell Upload</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/113842/</url>
|
|
</references>
|
|
<type>UPLOAD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="deep-blue">
|
|
<vulnerability>
|
|
<title>WordPress Deep-Blue Theme 1.9.2 Arbitrary File Upload Vulnerability</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.org/files/113843/</url>
|
|
</references>
|
|
<type>UPLOAD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="classipress">
|
|
<vulnerability>
|
|
<title>WordPress Classipress Theme <= 3.1.4 Stored XSS</title>
|
|
<references>
|
|
<exploitdb>18053</exploitdb>
|
|
<url>http://cxsecurity.com/issue/WLB-2011110001</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="merchant">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="smpl">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="drawar">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="sentient">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="whitelight">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="unsigned">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="shelflife">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="olya">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="sliding">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="beveled">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="empire-commerce">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="buro-commerce">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="briefed-commerce">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="wikeasi">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="currents">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="emporium">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="biznizz-commerce">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="kaboodle-commerce">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="inspire-commerce">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="teamster">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="argentum">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="statua-commerce">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="simplicity-commerce">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="canvas-commerce">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="wootique">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="woostore">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="coquette">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="buro">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="swatch">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="announcement">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="empire">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="supportpress">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="editorial">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="statua">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="briefed">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="faultpress">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="kaboodle">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="savinggrace">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="premiere">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="simplicity">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="deliciousmagazine">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="bookclub">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="boldnews">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="placeholder">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="biznizz">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="auld">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="listings">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="elefolio">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="chapters">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="continuum">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="diner">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="skeptical">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="caffeinated">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="crisp">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="sealight">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="estate">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="tma">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="coda">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="inspire">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="apz">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="spectrum">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="diarise">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="boast">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="retreat">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="cityguide">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="canvas">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="postcard">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="delegate">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="mystream">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="optimize">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="backstage">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="bueno">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="digitalfarm">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="headlines">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="therapy">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="rockstar">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="dailyedition">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="object">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="coffeebreak">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="mainstream">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="featurepitch">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="thejournal">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="aperture">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="metamorphosis">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="bloggingstream">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="thestation">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="groovyvideo">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="irresistible">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="cushy">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="wootube">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="abstract">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="busybee">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="blogtheme">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="typebased">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="overeasy">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="snapshot">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="openair">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="freshnews">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="livewire">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="flashnews">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Multiple vulnerabilities in Flash News theme for WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/Feb/8</url>
|
|
<url>http://cxsecurity.com/issue/WLB-2013020010</url>
|
|
</references>
|
|
<type>MULTI</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="gazette">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="premiumnews">
|
|
<vulnerability>
|
|
<title>WooThemes WooFramework Remote Unauthenticated Shortcode Execution</title>
|
|
<references>
|
|
<url>https://gist.github.com/2523147</url>
|
|
</references>
|
|
<type>RCE</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="dt-chocolate">
|
|
<vulnerability>
|
|
<title>Wordpress dt-chocolate Theme Image Open redirect</title>
|
|
<references>
|
|
<url>http://cxsecurity.com/issue/WLB-2013020011</url>
|
|
</references>
|
|
<type>UNKNOWN</type>
|
|
</vulnerability>
|
|
<vulnerability>
|
|
<title>Multiple vulnerabilities in Chocolate WP theme for WordPress</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jan/215</url>
|
|
</references>
|
|
<type>MULTI</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="sandbox">
|
|
<vulnerability>
|
|
<title>Wordpress theme sandbox Arbitrary File Upload/FD Vulnerability</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20228</url>
|
|
</references>
|
|
<type>MULTI</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="clockstone">
|
|
<vulnerability>
|
|
<title>WordPress Clockstone Theme upload.php Arbitrary File Upload Vulnerability</title>
|
|
<references>
|
|
<secunia>51619</secunia>
|
|
</references>
|
|
<type>UPLOAD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="archin">
|
|
<vulnerability>
|
|
<title>WordPress Archin Theme Cross-Site Scripting and Arbitrary File Upload Vulnerabilities</title>
|
|
<references>
|
|
<secunia>50711</secunia>
|
|
</references>
|
|
<type>MULTI</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="purity">
|
|
<vulnerability>
|
|
<title>WordPress Purity Theme Multiple Cross-Site Scripting Vulnerabilities</title>
|
|
<references>
|
|
<secunia>50627</secunia>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="pinboard">
|
|
<vulnerability>
|
|
<title>Wordpress theme pinboard 1.0.6 XSS</title>
|
|
<references>
|
|
<secunia>52079</secunia>
|
|
<url>http://seclists.org/oss-sec/2013/q1/274</url>
|
|
<url>http://cxsecurity.com/issue/WLB-2013020062</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="montezuma">
|
|
<vulnerability>
|
|
<title>montezuma <= 1.1.3 XSS in ZeroClipboard.swf</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20396</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="scarlet">
|
|
<vulnerability>
|
|
<title>scarlet <= 1.1.3 XSS in ZeroClipboard.swf</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20396</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="allure-real-estate-theme-for-placester">
|
|
<vulnerability>
|
|
<title>allure-real-estate-theme-for-placester <= 0.1.1 XSS in ZeroClipboard.swf</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20396</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="allure-real-estate-theme-for-real-estate">
|
|
<vulnerability>
|
|
<title>allure-real-estate-theme-for-real-estate <= 0.1.1 XSS in ZeroClipboard.swf</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20396</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="felici">
|
|
<vulnerability>
|
|
<title>felici XSS Vulnerability</title>
|
|
<references>
|
|
<url>http://1337day.com/exploit/20560</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="classic">
|
|
<vulnerability>
|
|
<title>Classic v1.5 Theme PHP_SELF XSS</title>
|
|
<references>
|
|
<url>http://osvdb.org/38450</url>
|
|
<cve>2007-4483</cve>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="brilliant">
|
|
<vulnerability>
|
|
<title>brilliant File Upload Vulnerability</title>
|
|
<references>
|
|
<url>http://ruinedsec.wordpress.com/2013/04/03/wordpress-themes-exploits-are-in-action-wpscan/</url>
|
|
</references>
|
|
<type>UPLOAD</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="colormix">
|
|
<vulnerability>
|
|
<title>Multiple vulnerabilities in Colormix theme</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/Apr/172</url>
|
|
</references>
|
|
<type>MULTI</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="jobroller">
|
|
<vulnerability>
|
|
<title>XSS in jobroller theme</title>
|
|
<references>
|
|
<url>http://cxsecurity.com/issue/WLB-2013060089</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="ambience">
|
|
<vulnerability>
|
|
<title>Xss In wordpress ambience theme</title>
|
|
<references>
|
|
<url>http://packetstorm.igor.onlinedirect.bg/1306-exploits/wpambience-xss.txt</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="slash-wp">
|
|
<vulnerability>
|
|
<title>FPD, XSS and CS vulnerabilities in Slash WP theme</title>
|
|
<references>
|
|
<url>http://seclists.org/fulldisclosure/2013/Jun/166</url>
|
|
</references>
|
|
<type>MULTI</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="persuasion">
|
|
<vulnerability>
|
|
<title>Persuasion Theme: WP-Pretty Photo DOM XSS</title>
|
|
<references>
|
|
<url>http://www.rafayhackingarticles.net/2013/05/kali-linux-dom-based-xss-writeup.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="More">
|
|
<vulnerability>
|
|
<title>MORE+ Theme: prettyPhoto XSS Vulnerability</title>
|
|
<references>
|
|
<secunia>54924</secunia>
|
|
<url>http://archives.neohapsis.com/archives/fulldisclosure/2013-09/0177.html</url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
<theme name="silverorchid">
|
|
<vulnerability>
|
|
<title>silverOrchid - XSS Vulnerability</title>
|
|
<references>
|
|
<url>http://packetstormsecurity.com/files/122986/<url>
|
|
</references>
|
|
<type>XSS</type>
|
|
</vulnerability>
|
|
</theme>
|
|
|
|
</vulnerabilities>
|