Lucene search
+L

4 matches found

WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.16 views

Everest Backup < 2.2.5 - Admin+ Arbitrary File Upload

Description The plugin does not properly validate backup files to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup PoC 1. Go to the plugin setting and in the "Restore" section...

9.3AI score0.00649EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/28 12:0 a.m.15 views

Product Enquiry for WooCommerce < 3.1 - Arbitrary Enquiry Deletion via CSRF

Description The plugin does not have a CSRF check in place when deleting inquiries, which could allow attackers to make a logged in admin delete them via a CSRF attack PoC 1. Make an enquiry from the frontend form 2. Go to "Woo Quote Popup Enquiry List" 3. Get the ID of an item 4. Add the ID to...

4.3CVSS6.5AI score0.00203EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/11 12:0 a.m.17 views

WP TripAdvisor Review Slider < 11.9 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to Get TripAdvisor Reviews...

4.8CVSS4.9AI score0.00402EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/09/25 12:0 a.m.21 views

User Activity Log Pro < 2.3.4 - Unauthenticated Stored Cross-Site Scripting via User Agent

Description The plugin does not properly escape recorded User-Agents in the user activity logs dashboard, which may allow visitors to conduct Stored Cross-Site Scripting attacks. PoC 1 Make sure the plugin's Enable User Agent For Log setting is set at /wp-admin/admin.php?page=ualpsettings 2 If...

5.4CVSS5.4AI score0.00394EPSS
Exploits2Affected Software1
Rows per page
Query Builder