Plugin Berbahaya Joomla & WordPress

November 30, 2010
 Admin Staff

Plugin-plugin yang kami sebutkan ini kami peroleh dari banyak sumber di Internet yang telah kami kumpukan jadi 1 sehingga akan dengan mudah untuk di teliti.

Plugin/modul/component/versi  yang kami sebutkan disini adalah pada saat kondisi sesuai versi yang tertera di dalam daftar. Bagi anda yang masih menggunakan plugin tersebut namun pembuat plugin memiliki versi yang lebih baru , artinya plugin itu masih bisa di gunakan.

Berhati-hatilah menggunakan plugin/modul/component/version sbb :

Joomla :

  • !JoomlaComment 4.0 beta1
  • AWD Wall 1.5
  • BF Survey Pro
  • com_aclassf
  • com_agora
  • com_ajaxchat
  • com_album
  • com_alphauserpoints
  • com_artportal
  • com_booklibrary
  • com_cbresumebuilder
  • com_content
  • com_digifolio
  • com_djcatalog
  • com_facebook
  • com_fastball
  • com_foobla_suggestions
  • com_gameserver
  • com_groups
  • com_hbssearch
  • com_icrmbasic
  • com_idoblog
  • com_jabode
  • com_jbudgetsmagic
  • MusicGallery
  • milen Photo Gallery
  • Quick News
  • com_virtuemart
  • com_digistore
  • JvideoDirect
  • JEvent search plugin
  • Kunena
  • idoblog
  • ccnewsletter
  • Virtuemart 1.1.4
  • JBDiary
  • JbPublishDownFp
  • com_casino
  • Mochigames
  • JoomlaXML
  • JVClouds3D SWF module
  • perchagallery
  • econtentsite
  • Jvehicles
  • smestorage
  • JE Tooltip
  • Gift Exchange Beta
  • RokDownloads
  • AllVideos 3.1
  • communitypolls
  • Flash Magazine Deluxe
  • juliaportfolio
  • Scriptegrator
  • SqlReport
WordPress :
  • WordPress 2.8.1 (url) Remote Cross Site Scripting Exploit
  • WordPress Plugin My Category Order <= 2.8 SQL Injection Vulnerability
  • WordPress Privileges Unchecked in admin.php and Multiple Information
  • WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability
  • WordPress Plugin DM Albums 1.9.2 Remote File Disclosure Vulnerability
  • WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln
  • WordPress Plugin Photoracer 1.0 (id) SQL Injection
  • WordPress Plugin Lytebox (wp-lytebox) Local File Inclusion
  • WordPress Plugin fMoblog 2.1 (id) SQL Injection
  • WordPress MU < 2.7 ‘HOST’ HTTP Header XSS Vulnerability
  • WordPress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability
  • WordPress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln
  • WordPress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit
  • WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln
  • WordPress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln
  • WordPress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit
  • WordPress 2.6.1 SQL Column Truncation Vulnerability
  • WordPress Plugin Download Manager 0.2 Arbitrary File Upload Exploit
  • WordPress Plugin Spreadsheet <= 0.6 SQL Injection Vulnerability
  • WordPress Plugin Download (dl_id) SQL Injection Vulnerability
  • WordPress Plugin Sniplets 1.1.2 (RFI/XSS/RCE) Multiple Vulnerabilities
  • WordPress Photo album Remote SQL Injection Vulnerability
  • WordPress Plugin Simple Forum 1.10-1.11 SQL Injection Vulnerability
  • WordPress Plugin Simple Forum 2.0-2.1 SQL Injection Vulnerability
  • WordPress MU < 1.3.2 active_plugins option Code Execution Exploit
  • WordPress Plugin st_newsletter Remote SQL Injection Vulnerability
  • WordPress Plugin Wordspew Remote SQL Injection Vulnerability
  • WordPress Plugin dmsguestbook 1.7.0 Multiple Remote Vulnerabilities
  • WordPress Plugin WassUp 1.4.3 (spy.php to_date) SQL Injection Exploit
  • WordPress Plugin Adserve 0.2 adclick.php SQL Injection Exploit
  • WordPress plugin fGallery 2.4.1 fimrss.php SQL Injection Vulnerability
  • WordPress Plugin WP-Cal 0.3 editevent.php SQL Injection Vulnerability
  • WordPress plugin WP-Forum 1.7.4 Remote SQL Injection Vulnerability
  • WordPress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability
  • WordPress <= 2.3.1 Charset Remote SQL Injection Vulnerability
  • WordPress Plugin PictPress <= 0.91 Remote File Disclosure Vulnerability
  • WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability
  • WordPress Multiple Versions Pwnpress Exploitation Tookit (0.2pub)
  • WordPress 2.2 (wp-app.php) Arbitrary File Upload Exploit     21107 R
  • WordPress 2.2 (xmlrpc.php) Remote SQL Injection Exploit
  • WordPress 2.1.3 admin-ajax.php SQL Injection Blind Fishing Exploit
  • WordPress plugin myflash <= 1.00 (wppath) RFI Vulnerability
  • WordPress plugin wordTube <= 1.43 (wpPATH) RFI Vulnerability
  • WordPress plugin wp-Table <= 1.43 (inc_dir) RFI Vulnerability
  • WordPress Plugin myGallery <= 1.4b4 Remote File Inclusion Vulnerability
  • WordPress 2.1.2 (xmlrpc) Remote SQL Injection Exploit
  • WordPress <= 2.0.6 wp-trackback.php Remote SQL Injection Exploit
  • WordPress 2.0.5 Trackback UTF-7 Remote SQL Injection Exploit
  • Enigma 2 WordPress Bridge (boarddir) Remote File Include
  • WordPress <= 2.0.2 (cache) Remote Shell Injection Exploit
  • WordPress <= 1.5.1.3 Remote Code Execution eXploit (metasploit)
  • WordPress <= 1.5.1.3 Remote Code Execution 0-Day Exploit
  • WordPress <= 1.5.1.2 xmlrpc Interface SQL Injection Exploit
  • WordPress <= 1.5.1.1 SQL Injection Exploit
  • WordPress <= 1.5.1.1 “add new admin” SQL Injection Exploit
  • WordPress Blog HTTP Splitting Vulnerability
  • Tweet Meme
Rate this post
Post Views: 13

Related posts:

Celah Keamanan WordPress Plugin & Themes April 2015 (PENTING) Optimasi Keamanan Website WordPress WordPress Update Version 3.4.2 Cara Melakukan Request Restore Account untuk Reseller
  • Admin Staff

  • Bila anda membutuhkan layanan seperti :
    - Hosting
    - Domain
    - VPS / Dedicated Server
    - Email Hosting , Google Workspace
    - Reseller Hosting

    Silahkan lgs ke web kami di AtriumHosting.Com
    WhatsApp Center : 081237908888
    Live Chat Website
    Telegram : 081237908888

Tutorial Domain & Hosting
Exit mobile version