Marekkis Watermark

Name: Marekkis Watermark-Plugin
Type: XSS
Exploit version: 0.9.2
Release Date: 19-04-2013
Status: A new version of Marekkis Watermark-Plugin has been released  •

Description:
Input passed to the "pfad" parameter in wp-admin/options-general.php (when "page" is set to "marekkis-watermark/wm_dir.php") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Plugin Information

  1. Downloaded: 10232 Times
  2. Current Version: 0.9.4
  3. Author: Profile
  4. Tested up to: 3.5.2
  5. Download Plugin

Security Information

  1. Secunia ID: 52227
  2. Credit: Aditya Balapure
  • Plugin statistics provided by WordPress.org. Updated within the last day or so.
  • ¹ Status info requires plugin author's to fill in versioning info on the wordpress.org repository

WPSecure For Sale

What you get:

1. Website Domain

2. Social Accounts (optional)

3. Website Files

Info: WPSecure.net is ranked PR4 by Google and gets an average 2k-3k monthly visitors. A ton a backlinks point to WPSecure because of it’s security documentation and some websites pull security posts from WPSecure.

Please email support@wpjot.com for inquiries and offers.