[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20190426214338.w7ardgm4cugv53fg@tunkki.bugs.fi>
Date: Sat, 27 Apr 2019 00:43:38 +0300
From: Henri Salo <henri@...v.fi>
To: Panagiotis Vagenas <pan.vagenas@...il.com>
Cc: fulldisclosure@...lists.org
Subject: Re: [FD] WordPress Plugin Contact Form Builder [CSRF → LFI]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Sat, Apr 20, 2019 at 07:22:25AM +0300, Panagiotis Vagenas wrote:
> # Exploit Title: Contact Form Builder [CSRF → LFI]
> # Date: 2019-03-17
> # Exploit Author: Panagiotis Vagenas
> # Vendor Homepage: http://web-dorado.com/
> # Software Link: https://wordpress.org/plugins/contact-form-builder
> # Version: 1.0.67
> # Tested on: WordPress 5.1.1
MITRE assigned CVE-2019-11557 for this vulnerability.
- --
Henri Salo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE/aVSDznAZReWTkxKJ633pE6qdXQFAlzDe4kACgkQJ633pE6q
dXRxjg//V58vQe1Qy9ziON4Z3fPFeN+i/GT2qBh1e3HLcfEzwblGmTPHMF1yIU1/
bLrvA+s1DcWVz060S0Mlf9F2pFH2OFiAgttcl6zNsQQjU3SihXmA5FlCPUJrhOXP
1rMAf4zV7nUFpNnERe9ucx+RP3/F3yH8ncnSLzXPciL+z/Ro66hEUkyCoDhIL52m
UH7no3XMFPXtg514Fk5o9THmGCVRApp+JTMfdi/eFQlFNYUDOsmX8KD8PoaYTAT6
sKpzfJ/wVc5PKEsXbi5O/k5S08R8OoKlGQ+hzQFU35Eoprpdn0H+IZtC6Ft6wQyQ
b5CfU/7D6F2pDBvl2GUZPHBg1iwLOiBLIJl+YHBoFMOI+wiJeonwJ7JEml/uhv3O
7parMoY8GWgqNUl1L23fiMXzllhMWbbTV0Gin14EKsFC/dOPmlHRmrnRkZO0EeWm
6XpaZbnyTKVzLDF7JnnkB0uBXxL83ARem/tP0Gdt/zQsvzEtkC6mRnpelY2O/2fy
9ylqYenDzLHJ6+EM2PVGGQJjuyuPAsgrrcmkj7td09nF45J6aGcFOr7GcdyXeTXI
n0mNtl0fjjjAi6HZg4MM3gHZ7sbWESNq92ePxNwj7KhVWyTSb67nbkObs2g59B09
bK56Pf4h3nVupTdCvFXlerADSFhsQrQxR1Q8zWPjjgaW+4b03Jc=
=00mC
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists