software developer. security enthusiast.
The Benno MailArchiv Web-App (benno-web prior 2.1.0.2) is vulnerable to Cross-Site-Request-Forgery. To exploit the vulnerability the attacker sends a link to a prepared page to a Benno MailArchiv user. The link then is able to trigger actions in the name of the user such as changing the users password (if the user is logged in).
The Benno MailArchiv Web-App is vulnerable to cross-site-scripting if benno-rest-lib / benno-rest prior 2.10.1 is used. To exploit the vulnerability the attacker sends an email containing malicious javascript to an mailbox which is archived by Benno MailArchiv. When a user logs into the Benno Web-App and views the malicious e-mail, the javascript is executed.
The protective feature of WPS Hide Login can be bypassed by sending a crafted POST request containg the field post_password towards the default WordPress login url /wp-login.php. In file /classes/plugin.php on line 494 the plugin explicitly checks for the absence of this POST field but no else-case is defined.