Lucene search
K

1561 matches found

Nuclei
Nuclei
added 9 hours ago12 views

Youzify < 1.2.0 - Unauthenticated SQLi

The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection id: CVE-2022-1950 info: name: Youzify 1.2.0 - Unauthenticated SQLi author:...

9.8CVSS7.2AI score0.04109EPSS
Exploits1References1
Nuclei
Nuclei
added 9 hours ago60 views

WordPress KiviCare <2.3.9 - SQL Injection

WordPress KiviCare plugin before 2.3.9 contains a SQL injection vulnerability. The plugin does not sanitize and escape some parameters before using them in SQL statements via the ajaxpost AJAX action with the getdoctordetails route. An attacker can possibly obtain sensitive information, modify...

9.8CVSS7.3AI score0.11485EPSS
Exploits2References5
Nuclei
Nuclei
added 9 hours ago28 views

ARMember < 3.4.8 - Unauthenticated Admin Account Takeover

The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username. id:...

8.1CVSS7.3AI score0.0852EPSS
Exploits1References5
Nuclei
Nuclei
added 9 hours ago25 views

WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting

WordPress WOOCS plugin before 1.3.7.5 is susceptible to cross-site scripting. The plugin does not sanitize and escape the woocsinordercurrency parameter of the woocsgetproductspricehtml AJAX action, available to both unauthenticated and authenticated users, before outputting it back in the...

6.1CVSS6AI score0.01798EPSS
Exploits2References5
CVE
CVE
added 10 hours ago9 views

CVE-2026-12729

The CVE concerns the weDocs: AI Powered Knowledge Base WordPress plugin up to version 2.3.0, where the do_migration() function is exposed via the wedocs_migrate_betterdocs_to_wedocs AJAX action without nonce verification (check_ajax_referer) and without a current_user_can capability check. This a...

4.3CVSS5.6AI score
Exploits0References6
Nuclei
Nuclei
added yesterday45 views

Web Directory Free < 1.7.0 - SQL Injection

The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. id: CVE-2024-3552 info: name: Web Directory Free 1.7.0 - SQL...

9.8CVSS5.8AI score0.67288EPSS
Exploits4References2
Cvelist
Cvelist
added yesterday21 views

CVE-2026-12134 JoomSport <= 5.7.8 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Group Creation/Modification via season_groupedit AJAX action

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.7.8. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00403EPSS
Exploits0References8
NVD
NVD
added yesterday9 views

CVE-2026-14249

The Request a Quote plugin for WordPress is vulnerable to Code Injection in versions up to, and including, 2.5.5 via the emddeletefile AJAX action. This is due to the emddeletefile handler deriving a PHP function name from the attacker-controlled $POST'path' parameter and invoking it dynamically...

7.5CVSS0.00333EPSS
Exploits0References6
Cvelist
Cvelist
added yesterday25 views

CVE-2026-14249 Request a Quote Form Plugin <= 2.5.5 - Unauthenticated Code Injection via 'path' Parameter

The Request a Quote plugin for WordPress is vulnerable to Code Injection in versions up to, and including, 2.5.5 via the emddeletefile AJAX action. This is due to the emddeletefile handler deriving a PHP function name from the attacker-controlled $POST'path' parameter and invoking it dynamically...

7.5CVSS0.00333EPSS
Exploits0References6
CVE
CVE
added 2 days ago11 views

CVE-2026-11887

The CVE concerns the Salon Booking System WordPress plugin prior to 10.30.20. Affected component: an AJAX action without proper authorization checks, enabling any authenticated user (e.g., a subscriber) to modify the plugin’s settings and bypass manual approval of new bookings. Root cause: insuff...

4.3CVSS5.8AI score0.00178EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago38 views

CVE-2026-11887 Salon Booking System < 10.30.20 - Subscriber+ Booking Approval Bypass

The Salon Booking System WordPress plugin before 10.30.20 does not have proper authorisation checks on one of its AJAX actions, allowing any authenticated user, such as a subscriber, to modify a Salon Booking System WordPress plugin before 10.30.20 setting and bypass the manual approval of new...

0.00178EPSS
Exploits0References1
NVD
NVD
added 6 days ago9 views

CVE-2026-12415

The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravelinvoiceeditaccount AJAX action in versions up to, and including, 1.0.0. The handler is exposed via wpajaxnoprivpravelinvoiceeditaccount, accepts an attacker-controlled...

9.8CVSS0.00662EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 7:16 a.m.10 views

CVE-2026-10835

The SALESmanago & Leadoo WordPress plugin before 3.11.3 does not properly sanitise and escape a parameter passed to one of its AJAX actions before using it in a SQL statement, and fails to enforce authorisation on that action, allowing authenticated users with minimal permissions, such as...

7.7CVSS0.00215EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 6:0 a.m.9 views

EUVD-2026-39625

The SALESmanago & Leadoo WordPress plugin before 3.11.3 does not properly sanitise and escape a parameter passed to one of its AJAX actions before using it in a SQL statement, and fails to enforce authorisation on that action, allowing authenticated users with minimal permissions, such as...

7.7CVSS5.8AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 6:0 a.m.32 views

CVE-2026-7859 Motors Car Dealership & Classified Listings < 1.4.110 - Unauthenticated Post-Meta Write via stm_ajax_add_a_car_media

The Motors WordPress plugin before 1.4.110 does not have proper authorisation and CSRF checks on one of its AJAX actions, allowing unauthenticated attackers to modify arbitrary post metadata, such as the gallery, featured image and, on WooCommerce sites, product prices...

0.00117EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 6:0 a.m.11 views

EUVD-2026-38214

The Motors WordPress plugin before 1.4.110 does not have proper authorisation and CSRF checks on one of its AJAX actions, allowing unauthenticated attackers to modify arbitrary post metadata, such as the gallery, featured image and, on WooCommerce sites, product prices...

5.3CVSS6AI score0.00117EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/20 8:29 a.m.27 views

CVE-2026-11912 Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action

The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is...

7.5CVSS0.00433EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/19 3:34 p.m.30 views

CVE-2017-20257 Joomla! Component Quiz Deluxe 3.7.4 SQL Injection

Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the ajaxaction.flagquestion task. Attackers can inject malicious SQL code via the stuquizid or flagquest parameters to manipulate database...

8.8CVSS0.00334EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 3:34 p.m.13 views

CVE-2017-20257

Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands via the ajaxaction.flag_question task. Exploitation can occur by injecting malicious SQL through the stu_quiz_id or flag_quest parameters to manipula...

8.8CVSS6.3AI score0.00334EPSS
Exploits0References4
NVD
NVD
added 2026/06/18 8:16 a.m.13 views

CVE-2026-9815

The MagicForm WordPress plugin through 0.1.3 does not properly validate the type of files uploaded through an unauthenticated AJAX action when a form's per-field extension allowlist is left empty, allowing unauthenticated attackers to upload PHP files and execute arbitrary code on the server...

6.5CVSS0.00215EPSS
Exploits0References1
Rows per page
Query Builder