[] NeoSense
E X P L O I T S
title author type platform port cve id

WordPress Plugin Wordfence Security - Multiple Vulnerabilities

Author: Voxel@Night
type: webapps
platform: php
port: 
date_added: 2014-09-14 
date_updated: 2016-01-25 
verified: 1 
codes:  
tags: WordPress Plugin
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/69815/info

The Wordfence Security Plugin for WordPress is prone to following vulnerabilities:

1. Multiple HTML-Injection vulnerabilities
2. Multiple Security Bypass vulnerabilities

Successful exploits of these issues allow the attacker-supplied HTML and script code to run in the context of the affected browser potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user, or to bypass security mechanisms.

Wordfence Security Plugin 5.2.3 is vulnerable; other versions may also be affected

http://www.example.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.