JVN#09136401: Multiple missing authorization vulnerabilities in WordPress Plugin "Advanced Custom Fields"
Overview: WordPress Plugin "Advanced Custom Fields" provided by Delicious Brains contains multiple missing authorization vulnerabilities listed below. Missing authorization related to database browsing (CWE-862, CVE-2021-20865). Missing authorization related to user list obtaining (CWE-862, ...). CVSS v3 ...
Delicious Brains Advanced Custom Fields Security Vulnerability
Delicious Brains Advanced Custom Fields is an advanced custom fields plug-in from Delicious Brains Canada. An access control error vulnerability exists in Delicious Brains Advanced Custom Fields, which stems from a lack of authorization associated with database browsing. The vulnerability stems fro...
Delicious Brains Advanced Custom Fields Security Vulnerability
Delicious Brains Advanced Custom Fields is an advanced custom fields add-on from Delicious Brains Canada. An authorization issue vulnerability exists in Delicious Brains Advanced Custom Fields, which stems from a lack of authorization related to the movement of field groups. The vulnerability stem...
Delicious Brains Advanced Custom Fields Security Vulnerability
Delicious Brains Advanced Custom Fields is an advanced custom fields plugin from Delicious Brains Canada. An information disclosure vulnerability exists in Delicious Brains Advanced Custom Fields, which stems from a lack of authorization related to obtaining user lists. The vulnerability stems fro...
CVE-2021-24850: Insert Pages < 3.7.0 - Contributor+ Stored Cross-Site Scripting
The Insert Pages WordPress plugin before 3.7.0 adds a shortcode that prints out other pages' content and custom fields. It can be used by users with a role as low as Contributor to perform Cross-Site Scripting attacks by storing the payload/s in another post's custom fields...
Display Post Metadata < 1.5.0 - Contributor+ Stored Cross-Site Scripting
The plugin adds a shortcode to print out custom fields; however, their content is not sanitised or escaped, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. PoC - Login as contributor+ - Create a custom field containing an XSS payload, e.g. - Add this...
Insert Pages < 3.7.0 - Contributor+ Stored Cross-Site Scripting
The plugin adds a shortcode that prints out other pages' content and custom fields. It can be used by users with a role as low as Contributor to perform Cross-Site Scripting attacks by storing the payload/s in another post's custom fields. PoC - Create a page A - Add a custom field containing JS...
WordPress Advanced Custom Fields plugin <= 5.9.9 - Arbitrary ACF Data/Field Groups View and Fields Move vulnerability
Arbitrary ACF Data/Field Groups View and Fields Move vulnerability discovered by Keitaro Yamazaki in WordPress Advanced Custom Fields plugin versions <= 5.9.9. Solution: Update the WordPress Advanced Custom Fields plugin to the latest available version, at least 5.10...
Advanced Custom Fields < 5.11 - Subscriber+ Arbitrary ACF Data/Field Groups View and Fields Move
Some of the functions did not have proper capability checks in place, allowing low-privilege users such as subscribers to view arbitrary ACF data, move fields, as well as view field groups...
Textpattern CMS < 4.8.2 XSS Vulnerability
Textpattern CMS is prone to a cross-site scripting (XSS) vulnerability. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...
uListing < 2.0.6 - Multiple CSRF
The plugin is lacking proper CSRF checks in multiple protected actions within wp-admin pages, leaving them vulnerable to CSRF attacks. PoC | CSRF | Add/Edit Pricing Plans: POST /wp-admin/admin-ajax.php HTTP/2 Host: example.com Cookie: agent or admin cookies User-Agent: Mozilla/5.0 Content-Type:...
CVE-2020-23239: Cross site scripting
Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via Custom fields in the Menu Preferences feature...
Stored XSS via Custom Fields creation on AssociateFieldToScreens page - CVE-2021-39117
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Stored Cross-Site Scripting (SXSS) vulnerability in the Custom Fields creation feature on the AssociateFieldToScreens page. This bug was introduced in version 8.15.0, and i...
CVE-2021-24388
In the VikRentCar Car Rental Management System WordPress plugin before 1.1.7, there is a custom field option by which we can manage all the fields that the users will have to fill in before saving the order. However, the field name is not sanitised or escaped before being output back in the page,...