WordPress Advanced Custom Fields plugin version 4.4.7 suffers from a cross site scripting vulnerability.
>> ARCHIVE: 2016-05
http://maewanphrao.go.th/by.htm notified by GeNErAL
http://nccdmuk.go.th/by.htm notified by GeNErAL
http://dumyai.go.th/z.html notified by ?Mr.bonz-101
This archive contains all of the 144 exploits added to Packet Storm in April, 2016.
The included proof of concept causes a crash due to a stack-based buffer overflow in Wireshark in dissect_2008_16_security_4.
An assertion failure has been discovered in alloc_address_wmem in the ASAN build of Wireshark.
Multiple crashes exist in the ASAN build of Wireshark due to a static out-of-bounds memory read while accessing ett_zbee_zcl_pwr_prof_enphases.
.Net Framework Execute Native x86 Shellcode
Apache Struts Dynamic Method Invocation Remote Code Execution