78 matches found
CVE-2024-10672
CVE-2024-10672: The Multiple Page Generator Plugin – MPG for WordPress is vulnerable to directory traversal that enables authenticated attackers with editor-level access (and higher) to delete limited server files. Affected versions are
CVE-2024-10672 Multiple Page Generator Plugin – MPG <= 4.0.2 - Authenticated (Editor+) Directory Traversal to Limited File Deletion
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the mpgupsertprojectsourceblock function in all versions up to, and including, 4.0.2. This makes it possible for authenticated attackers, with...
CVE-2024-9590
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image meta field value in the 'wpaftaddmetatextinput' function in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-9590
The CVE refers to WordPress plugin Category and Taxonomy Meta Fields (versions
CVE-2024-9519
The UserPlus plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'savemetaboxform' function in versions up to, and including, 2.0. This makes it possible for authenticated attackers, with editor-level permissions or above, to update t...
CVE-2024-9519 UserPlus <= 2.0 - Authenticated (Editor+) Registration Form Update to Privilege Escalation
The UserPlus plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'savemetaboxform' function in versions up to, and including, 2.0. This makes it possible for authenticated attackers, with editor-level permissions or above, to update t...
CVE-2024-7351 Simple Job Board <= 2.12.3 - Authenticated (Editor+) PHP Object Injection
The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.12.3 via deserialization of untrusted input when editing job applications. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a PH...
CVE-2024-7351
CVE-2024-7351 affects the WordPress plugin “Simple Job Board” (versions up to and including 2.12.3). The vulnerability is a PHP Object Injection via deserialization of untrusted input when updating job applications, exploitable by authenticated users with Editor+ privileges. The initial disclosur...
CVE-2023-0926
The Custom Permalinks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.6.0 due to insufficient input sanitization and output escaping on tag names. This allows authenticated users, with editor-level permissions or greater to inject arbitrary we...
CVE-2024-7388 WP Bannerize Pro <= 1.9.0 - Authenticated (Editor+) Stored Cross-Site Scripting
The WP Bannerize Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via banner alt data in all versions up to, and including, 1.9.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and...
CVE-2024-7560
The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the newsflashpostmeta meta value. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a PH...
CVE-2024-7560
CVE-2024-7560 (News Flash Theme – WordPress) is a PHP Object Injection vulnerability affecting all versions up to 1.1.0, exploitable via deserialization of untrusted input from the newsflash_post_meta meta value. The issue permits authenticated attackers with Editor-level access and above to inje...
PT-2024-38420 · WordPress · The News Flash
Name of the Vulnerable Software and Affected Versions: The News Flash theme for WordPress versions up to, and including, 1.1.0 Description: The issue allows authenticated attackers with Editor-level access and above to inject a PHP Object via deserialization of untrusted input from the newsflash...
Visual Composer Website Builder < 45.9.0 - Authenticated (Editor+) Stored Cross-Site Scripting
Description The Visual Composer Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 45.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level...
AI Engine < 2.1.5 - Authenticated (Editor+) Server-Side Request Forgery
Description The AI Engine plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.1.4 via the downloadimage function. This makes it possible for authenticated attackers, with editor-level access and above, to make web requests to arbitrary locatio...
Coupon & Discount Code Reveal Button < 1.2.6 - Authenticated (Editor+) Stored Cross-Site Scripting
Description The Coupon & Discount Code Reveal Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Sendinblue for WooCommerce < 4.0.18 - Authenticated (Editor+) Arbitrary File Download and Deletion
Description The Brevo for WooCommerce plugin for WordPress is vulnerable to arbitrary file download and deletion in all versions up to, and including, 4.0.17. This is due to the plugin not properly validating file names in the getfilecontents and deleteattachment functions. This makes it possible...
CVE-2024-0598
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the contact form message settings in all versions up to and including 3.2.17 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-2344 Avada <= 7.11.6 - Authenticated (Admin+) SQL Injection via entry
The Avada theme for WordPress is vulnerable to SQL Injection via the 'entry' parameter in all versions up to, and including, 7.11.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticted...
Rehub < 19.6.2 - Authenticated (Editor+) Local File Inclusion
Description The Rehub theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 19.6.1. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any...