SkyNet Tools

WordPress Plugin wpDiscuz 7.0.4 – Arbitrary File Upload Exploit

June 7, 2021June 7, 2021 Admin

The WordPress plugin wpDiscuz version 7.0.4 suffers an arbitrary file upload vulnerability that does not require authentication.

WordPress 5.0.0 – Image Remote Code Execution

February 1, 2021February 1, 2021 Admin

The WordPress CMS version 5.0.0 suffers from a Image Remote Code Execution vulnerability via access with at least an Author account.

WordPress Plugin Stripe Payments 2.0.39 – ‘AcceptStripePayments-settings[currency_code]’ Vulnerable to Stored XSS

January 5, 2021January 5, 2021 Admin

The WordPress plugin Stripe Payments 2.0.39 suffers from a Stored Cross Site Scripting vulnerability(XSS). Currently their is not an updated version.

WordPress Plugin WP-Paginate 2.1.3 – ‘preset’ Vulnerable to Stored XSS

January 5, 2021January 5, 2021 Admin

The WordPress plugin WP-Paginate 2.1.3 suffers from a Stored Cross Site Scripting vulnerability(XSS). Currently their is not an updated version.

WordPress Core 5.2.2 Suffers – ‘post previews’ XSS Cross Site Scripting Vulnerability

January 4, 2021January 4, 2021 Admin

Currently WordPress Core Version 5.2.2 suffers from cross site scripting vulnerability located within “post previews”. Flaw is fixed by upgrading to WordPress version

WPvSCAN – Scan WordPress CMS and Plugin Version

November 27, 2020 Admin

WPvSCAN scans the version of CMS WordPress on the target website and compares it with the most recent version. After that, it also offers the option of listing all know exploits using SearchSploit tool by […]

WordPress Fancy Product Designer For WooCommerce 4.5.1 File Upload

November 19, 2020 Admin

WordPress Fancy Product Designer for WooCommerce plugin versions 4.5.1 and below suffer from an unauthenticated arbitrary file upload vulnerability.

WordPress Good LMS 2.1.4 SQL Injection

November 15, 2020November 15, 2020 Admin

WordPress Good LMS plugin versions 2.1.4 and below suffer from a remote SQL injection vulnerability.

WordPress File Manager 6.8 Remote Code Execution

November 11, 2020November 11, 2020 Admin

The WordPress File Manager (wp-file-manager) plugin versions 6.0 through 6.8 allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, […]

WordPress Simple File List 5.4 Shell Upload

November 3, 2020November 3, 2020 Admin

WordPress Simple File List plugin version 5.4 suffers from a remote shell upload vulnerability.