>> CATEGORY: Security

WordPress Booking Calendar Plugin 6.2 – SQL Injection

WordPress WP Live Chat Support Plugin 6.2.03 – Stored XSS

[Hebrew] Digital Whisper Security Magazine #74

WordPress ALO EasyMail Newsletter Plugin 2.9.2 – (Add/Import Arbitrary Subscribers) CSRF

Hacking the PS4, part 3 – Kernel exploitation

mySCADAPro 7 – Local Privilege Escalation

VUPlayer 2.49 – (.pls) Stack Buffer Overflow (DEP Bypass)

AXIS Multiple Products – Authenticated Remote Command Execution via devtools Vector

WordPress Ultimate Product Catalog 3.9.8 – (do_shortcode via ajax) Blind SQL Injection

Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 – Post Auth Remote Root Exploit (Metasploit) (3)