You searched for Cross-Site Scripting vulnerabilities - Page 4 of 7

Advanced File Manager Plugin Vulnerable

Advanced File Manager, security, vulnerable

The "Advanced File Manager" plugin for WordPress, particularly in its versions up to and including 5.2.10, has been identified as vulnerable to arbitrary file uploads due to missing file type validation in critical PHP scripts such as class_fma_connector.php, constants.php, and… Continue Reading Advanced File Manager Plugin Vulnerable

tpl.php

php, tpl, tpl.php, vulnerable

A file tpl.php part of the WordPress plugin "The Listdom – Business Directory and Classified Ads Listings" has been found to be vulnerable to a critical security flaw that could allow attackers to inject malicious scripts into your website. Specifically,… Continue Reading tpl.php

atomlib.php

atomlib, atomlib.php, security, vulnerable

atomlib.php is a core WordPress file primarily responsible for handling the Atom feed format, a type of XML-based feed used for syndicating website content. It defines functions and classes that manage the creation and output of Atom feeds, allowing users… Continue Reading atomlib.php

somryv-shortcodes.php

security, somryv-shortcodes, somryv-shortcodes.php, vulnerable

The somryv-shortcodes.php file is a component of the Responsive Videos plugin for WordPress, designed to make embedding responsive videos seamless. However, it has been discovered to have a severe vulnerability: Stored Cross-Site Scripting (XSS). This flaw affects all plugin versions… Continue Reading somryv-shortcodes.php

content.php

backdoor, content, content.php, php, redirect, security

Content.php is a widely used file in PHP-based websites, often responsible for generating and managing dynamic web content. Its primary purpose is to fetch data, organize it, and render it on a webpage. This can include blog posts, product descriptions,… Continue Reading content.php

inputs.php

inputs, inputs.php, php, vulnerable

The inputs.php file is a commonly targeted component in PHP-based web applications. Its name suggests a file responsible for processing user inputs—often a core function in dynamic websites. This file is typically used to collect, process, and validate data entered… Continue Reading inputs.php

siteheads.php

php, security, siteheads.php, vulnerable

The file siteheads.php has become a focal point for cybersecurity discussions due to its role in website vulnerabilities. Its purpose often varies, but it is typically associated with managing website headers, metadata, or theme-related functionalities in PHP-based content management systems… Continue Reading siteheads.php

FileManager.php

FileManager, FileManager.php, php, security

FileManager.php is a core file within the popular WordPress plugin File Manager Pro – Filester, This plugin is widely used to manage website files directly from the WordPress dashboard, providing an intuitive interface for tasks like editing, uploading, or deleting… Continue Reading FileManager.php

cms

cms, directory, security

The CMS directory is a pivotal component of websites that use a Content Management System (CMS). This folder stores essential files that enable the CMS to function seamlessly. It typically includes core scripts, libraries, and resources that allow users to… Continue Reading cms

/author/admin/

/author/admin/, admin, author, security

The /author/admin/ directory is a mysterious folder that has been a topic of interest for web developers, security experts, and malicious users alike. But what is its purpose, and why is it a prime target for hackers? In this article,… Continue Reading /author/admin/

admin-post.php

WordPress is one of the most popular content management systems (CMS) globally, powering millions of websites. However, its popularity also makes it a prime target for malicious actors seeking to exploit vulnerabilities. One such threat is the backdoor script known… Continue Reading admin-post.php