Lucene search
K

265322 matches found

Nuclei
Nuclei
added 2 hours ago189 views

MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template

The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP cod...

9.8CVSS7.8AI score0.05018EPSS
Exploits0References5
Nuclei
Nuclei
added 2 hours ago48 views

Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so. id:...

7.5CVSS7.2AI score0.25855EPSS
Exploits2References2
Nuclei
Nuclei
added 2 hours ago160 views

Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE

The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attackers to execute arbitrary commands via a web shell. id: CVE-2023-4521 info: name: Import XML and RSS Feeds 2.1.5 - Unauthenticated RCE author: princechaddha severity: critical description: The Import XML and RS...

9.8CVSS7.4AI score0.39294EPSS
Exploits2References1
Nuclei
Nuclei
added 2 hours ago76 views

Relevanssi (A Better Search) <= 4.22.0 - Query Log Export

The Relevanssi Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. id: CVE-2024-1380 info: name: Relevanssi A...

5.3CVSS6.8AI score0.50192EPSS
Exploits0References3
Nuclei
Nuclei
added 2 hours ago98 views

Business Directory Plugin <= 6.4.2 - SQL Injection

The Business Directory Plugin Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘listingfields’ parameter in all versions up to, and including, 6.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient...

9.8CVSS6AI score0.10272EPSS
Exploits1References4
Nuclei
Nuclei
added 2 hours ago62 views

3DPrint Lite < 1.9.1.5 - Arbitrary File Upload

The plugin does not have any authorisation and does not check the uploaded file in its p3dlitehandleupload AJAX action , allowing unauthenticated users to upload arbitrary file to the web server. However, there is a .htaccess, preventing the file to be accessed on Web servers such as Apache. id:...

9.8CVSS7.4AI score0.06646EPSS
Exploits2References3
Nuclei
Nuclei
added 2 hours ago67 views

MStore API < 3.9.8 - SQL Injection

The MStore API WordPress plugin before 3.9.8 is vulnerable to Blind SQL injection via the productid parameter. id: CVE-2023-3077 info: name: MStore API 3.9.8 - SQL Injection author: DhiyaneshDK severity: critical description: | The MStore API WordPress plugin before 3.9.8 is vulnerable to Blind S...

9.8CVSS7.2AI score0.05304EPSS
Exploits2References2
Nuclei
Nuclei
added 2 hours ago52 views

User Meta WP Plugin < 3.1 - Sensitive Information Exposure

The User Meta is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0 via the /views/debug.php file. This makes it possible for unauthenticated attackers, with to extract sensitive configuration data. id: CVE-2024-33575 info: name: User Meta WP Plugin 3.1 -...

5.3CVSS5.9AI score0.01121EPSS
Exploits0References3
Nuclei
Nuclei
added 2 hours ago60 views

Shield Security WP Plugin <= 18.5.9 - Local File Inclusion

The Shield Security Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the renderactiontemplate parameter. This makes it possible for unauthenticated attacker to include and execute PHP fil...

9.8CVSS7.4AI score0.56567EPSS
Exploits0References3
Nuclei
Nuclei
added 2 hours ago138 views

PayPlus Payment Gateway < 6.6.9 - SQL Injection

The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement via a WooCommerce API route available to unauthenticated users, leading to an SQL injection vulnerability. id: CVE-2024-6205 info: name: PayPlus Payment...

9.8CVSS7.2AI score0.04168EPSS
Exploits4References3
Nuclei
Nuclei
added 2 hours ago151 views

User Profile Builder < 3.11.8 - File Upload

The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP. id: CVE-2024-6366 info: name: User Profile Builder 3.11.8 - File Upload author: s4e-io severity: high...

9.1CVSS6AI score0.28993EPSS
Exploits2References3
Nuclei
Nuclei
added 2 hours ago79 views

Stock Ticker <= 3.23.2 - Cross-Site Scripting

The Stock Ticker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in the ajaxstocktickerload function in versions up to, and including, 3.23.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

7.1CVSS7AI score0.0068EPSS
Exploits0References5
Nuclei
Nuclei
added 2 hours ago61 views

Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints

The Integrate Google Drive plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several REST API endpoints in versions up to, and including, 1.1.99. This makes it possible for unauthenticated attackers to perform a wide variety of operations, such as movi...

9.8CVSS7.2AI score0.06399EPSS
Exploits0References2
Nuclei
Nuclei
added 2 hours ago376 views

WordPress Plugin Forminator 1.24.6 - Arbitrary File Upload

The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the uploadpostimage function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload...

9.8CVSS7.8AI score0.12749EPSS
Exploits3References5
Nuclei
Nuclei
added 2 hours ago70 views

Ninja Forms < 3.6.26 - Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin id: CVE-2023-37979 info: name: Ninja Forms 3.6.26 - Cross-Site Scripting author: r3Y3r53 severity:...

7.1CVSS7AI score0.0601EPSS
Exploits6References5
Nuclei
Nuclei
added 2 hours ago70 views

Uncanny Toolkit for LearnDash - Open Redirection

A vulnerability in the WordPress Uncanny Toolkit for LearnDash Plugin allowed malicious actors to redirect users, posing a potential risk of phishing incidents. The issue has been resolved in version 3.6.4.4, and users are urged to update for security. id: CVE-2023-34020 info: name: Uncanny Toolk...

6.1CVSS7.1AI score0.00963EPSS
Exploits0References3
Nuclei
Nuclei
added 2 hours ago57 views

Video List Manager <= 1.7 - SQL Injection

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. id: CVE-2023-1408 info: name: Video List Manager = 1.7 - SQL Injection author: r3Y3r53 severity: high description: | The...

7.2CVSS7.1AI score0.03229EPSS
Exploits2References3
Nuclei
Nuclei
added 2 hours ago57 views

WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting

WordPress Watu Quiz plugin before 3.3.9.1 is susceptible to cross-site scripting. The plugin does not sanitize and escape some parameters, such as email, dn, date, and points, before outputting then back in a page. An attacker can inject arbitrary script in the browser of an unsuspecting user in...

6.1CVSS6.3AI score0.01252EPSS
Exploits3References5
Nuclei
Nuclei
added 2 hours ago140 views

Companion Sitemap Generator < 4.5.3 - Cross-Site Scripting

The plugin does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-1780 info: name: Companion Sitemap Generator 4.5.3 - Cross-Site Scripting author:...

6.1CVSS6.7AI score0.01019EPSS
Exploits2References2
Nuclei
Nuclei
added 2 hours ago96 views

SupportCandy < 3.1.5 - Unauthenticated SQL Injection

The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks. id: CVE-2023-1730 info: name: SupportCandy 3.1.5 - Unauthenticated SQL Injection author:...

9.8CVSS7.2AI score0.40586EPSS
Exploits1References4
Rows per page
Query Builder