How To Fix “Video outside the viewport” Indexing Issue
In this post I am going to discuss how to fix the “video outside the viewport” indexing issue / error which is […]
Author: Spider Sec
WordPress Penetration Test – Client Case Study
In the ever-evolving landscape of cybersecurity, WordPress stands as one of the most popular content management systems (CMS) in the world. Its […]
Multiple Authenticated Stored XSS in NinjaForms Settings Page (Version 3.4.22 )
Authenticated Stored XSS in NinjaForms Settings Page (Version 3.4.22 ) Background A Spider Sec Ltd consultant discovered an Authenticated Stored XSS […]
Registration Magic Multiple Unauthenticated XSS Vulnerabilities (Version 4.6.0.0)
Registration Magic Version 4.6.0.0 (Multiple XSS Vulnerabilities) Background After discovering two new WordPress Plugin vulnerabilities on a recent web application penetration test […]
Registration Magic Authenticated Blind SQL Injection inside URL
(Version 4.6.0.0)
Registration Magic Version 4.6.0.0 Authenticated Blind SQL Injection in URL Background If you still haven’t read the preface to this discovery […]
Calculated Fields Form WP Plugin (Version <= 1.0.353) Authenticated Stored XSS
Calculated Fields Form WP Plugin (Version <= 1.0.353) Multiple Authenticated Stored XSS Background The Calculated Fields Form plugin through 1.0.353 for WordPress […]
Chained Quiz WP Plugin Unauthenticated Reflected XSS (Version 1.1.8.1)
Chained Quiz WP Plugin Unauthenticated Reflected XSS (Version 1.1.8.1) Background During a web application penetration testing engagement, we discovered our client was […]