endLesS
Webmaster
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : N4TuraL
[~] E-Mail : n4tural.hackerz[MENTION=6783]hotmail[/MENTION].com
[~] Twitter : https://twitter.com/byn4tural
###########################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Wordfence Security Wordpress Plugin v.6.0.10
|~Vulnerable Type : Cross Site Scripting And File Upload PHP Code Execution
|~RISK : High
|~Software Author : https://www.wordfence.com/
#######################################################
### Cross Site Scripting Error Line in wfAPI.php ###
2875: exit exit ($option_value); // wordfenceClass.php
2872: $option_value = $wpdb->get_var($wpdb->prepare(SELECT option_value FROM {$prefix}options WHERE option_name = %s, $option_name)); // wordfenceClass.php
2870: $prefix = $wpdb->get_blog_prefix($site_id); // wordfenceClass.php
2867: $site_id = !absint($_GET[site_id]) : get_current_blog_id(); // wordfenceClass.php
2868: $option_name = !$_GET[option] : false; // wordfenceClass.php
### File Upload PHP Code Execution Error Line in wfAPI.php ###
643: call_user_func $returnArr = call_user_func(wordfence::ajax_ . $func . _callback); // wordfenceClass.php
642: $func = str_replace(wordfence_, , $func); // wordfenceClass.php
636: $func = $_POST[action] : $_GET[action]; // wordfenceClass.php
[+] Author : N4TuraL
[~] E-Mail : n4tural.hackerz[MENTION=6783]hotmail[/MENTION].com
[~] Twitter : https://twitter.com/byn4tural
###########################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Wordfence Security Wordpress Plugin v.6.0.10
|~Vulnerable Type : Cross Site Scripting And File Upload PHP Code Execution
|~RISK : High
|~Software Author : https://www.wordfence.com/
#######################################################
### Cross Site Scripting Error Line in wfAPI.php ###
2875: exit exit ($option_value); // wordfenceClass.php
2872: $option_value = $wpdb->get_var($wpdb->prepare(SELECT option_value FROM {$prefix}options WHERE option_name = %s, $option_name)); // wordfenceClass.php
2870: $prefix = $wpdb->get_blog_prefix($site_id); // wordfenceClass.php
2867: $site_id = !absint($_GET[site_id]) : get_current_blog_id(); // wordfenceClass.php
2868: $option_name = !$_GET[option] : false; // wordfenceClass.php
### File Upload PHP Code Execution Error Line in wfAPI.php ###
643: call_user_func $returnArr = call_user_func(wordfence::ajax_ . $func . _callback); // wordfenceClass.php
642: $func = str_replace(wordfence_, , $func); // wordfenceClass.php
636: $func = $_POST[action] : $_GET[action]; // wordfenceClass.php