Date: Wed, 3 Jun 2015 13:54:29 +0300 From: Henri Salo <henri@...v.fi> To: Matthew Daley <mattd@...fuzz.com> Cc: oss-security@...ts.openwall.com Subject: Re: CVE requests / Advisory: Codestyling Localization (Wordpress plugin) - multiple RCE via CSRF, multiple XSS On Wed, Jun 03, 2015 at 08:04:25PM +1200, Matthew Daley wrote: > The plugin has since been removed from the Wordpress plugin directory, > so I don't have the ability to easily link to source code. FWIW, line > references in this advisory refer to what was the latest version of > the plugin, 1.99.30. You can use WordPress Traq when the plugin is in the official repository. Traq is available even the plugin has been disabled from plugin repository: https://plugins.trac.wordpress.org/log/codestyling-localization -- Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ