15941 matches found
WordPress Symposium <=15.8.1 - Cross-Site Scripting
WordPress Symposium through 15.8.1 contains a reflected cross-site scripting vulnerability via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter which allows an attacker to steal cookie-based authentication credentials and launch other attacks. id: CVE-2015-9414 info: name:...
WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting
WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php. id: CVE-2017-17059 info: name: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting author: daffainfo severity: medium description: WordPress...
Podcast Channels < 0.28 - Cross-Site Scripting
The Podcast Channels WordPress plugin was affected by an unauthenticated reflected cross-site scripting security vulnerability. id: CVE-2014-4544 info: name: Podcast Channels 0.28 - Cross-Site Scripting author: daffainfo severity: medium description: The Podcast Channels WordPress plugin was...
LearnPress < 4.2.6.8.1 - Information Disclosure
LearnPress – WordPress LMS Plugin contains a sensitive information exposure caused by incorrect implementation of getitemspermissionscheck function in all versions up to 4.2.6.8, letting unauthenticated attackers extract user emails and basic information. id: CVE-2024-5483 info: name: LearnPress...
WordPress Perfect Images (WP Retina 2x) < 6.4.6 - Sensitive Information Exposure
Jordy Meow Perfect Images Manage Image Sizes, Thumbnails, Replace, Retina versions up to 6.4.5 contain a vulnerability that exposes sensitive information to unauthorized actors, letting attackers access confidential data, exploit requires no specific conditions. id: CVE-2023-44982 info: name:...
Legull WordPress - Cross-Site Scripting
Legull WordPress plugin = 1.2.2 contains a reflected cross-site scripting caused by unsanitized parameter output, letting attackers execute arbitrary scripts in the context of high privilege users, exploit requires victim to click malicious link. id: CVE-2024-13352 info: name: Legull WordPress -...
WordPress GamiPress <= 2.5.7 - SQL Injection
The GamiPress plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 2.5.7 due to insufficient escaping on the user supplied parameter '$qv$fieldid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...
MemberSpace WordPress - Cross-Site Scripting
MemberSpace WordPress plugin 2.1.14 contains a reflected XSS caused by unsanitized and unescaped parameter output, letting unauthenticated attackers execute scripts, exploit requires no authentication. id: CVE-2024-13727 info: name: MemberSpace WordPress - Cross-Site Scripting author: Sourabh-Sah...
WordPress midi-Synth <= 1.1.0 - Unauthenticated Arbitrary File Upload
WordPress midi-Synth plugin \u003C= 1.1.0 contains an unrestricted file upload vulnerability caused by missing file type and extension validation in the 'export' AJAX action, letting unauthenticated attackers upload arbitrary files and potentially execute remote code, exploit requires attacker to...
WP-Lister Lite for Amazon <= 2.6.16 - Cross-Site Scripting
The WP-Lister Lite for Amazon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 2.6.16 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages tha...
WP Responsive Images <= 1.0 - Arbitrary File Read
WP Responsive Images plugin for WordPress = 1.0 contains a path traversal caused by improper sanitization of the 'src' parameter, letting unauthenticated attackers read arbitrary files on the server. id: CVE-2026-1557 info: name: WP Responsive Images = 1.0 - Arbitrary File Read author: Shivam...
Breeze <= 2.4.4 - Arbitrary File Upload
Breeze Cache WordPress plugin = 2.4.4 contains an unrestricted file upload vulnerability caused by missing file type validation in 'fetchgravatarfromremote' function, letting unauthenticated attackers upload arbitrary files, exploit requires 'Host Files Locally - Gravatars' enabled. id:...
WordPress 12 Step Meeting List Plugin <= 3.14.33 - Cross-Site Scripting
Code for Recovery 12 Step Meeting List versions up to 3.14.33 contain a reflected cross-site scripting caused by improper input neutralization during web page generation, letting attackers execute malicious scripts in users' browsers, exploit requires attacker to craft a malicious URL. id:...
WordPress Backup Migration <= 1.3.6 - Path Traversal
WordPress Backup Migration plugin versions up to 1.3.6 contain a path traversal and file validation issue in handledownloading function, letting unauthenticated attackers download backup files containing sensitive information. id: CVE-2023-6266 info: name: WordPress Backup Migration = 1.3.6 - Pat...
WordPress Custom 404 Pro <= 3.11.1 - Reflected XSS
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kunal Nagar Custom 404 Pro allows Reflected XSS.This issue affects Custom 404 Pro: from n/a through 3.11.1. id: CVE-2024-39646 info: name: WordPress Custom 404 Pro = 3.11.1 - Reflected XSS...
WP Go Maps <= 9.0.29 - Cross-Site Scripting
WP Go Maps formerly WP Google Maps plugin for WordPress versions before 9.0.30 is vulnerable to Reflected Cross-Site Scripting via the 'mapid' parameter in the admin map edit page. id: CVE-2024-29931 info: name: WP Go Maps = 9.0.29 - Cross-Site Scripting author: Shivam Kamboj severity: medium...
WP Google Maps < 7.10.43 - Cross-Site Scripting
The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATHINFO. id: CVE-2019-9912 info: name: WP Google Maps 7.10.43 - Cross-Site Scripting author: ritikchaddha severity: medium description: | The wp-google-maps plugin before 7.10.43 for WordPress has XSS via t...
Contact Form Generator <= 2.5.5 - Cross-Site Scripting
The Contact Form Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'id' parameter in wp-admin/admin.php in versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
WordPress Ultimate FAQs <= 1.8.24 – Unauthenticated Options Import and Export
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import. id: CVE-2019-17232 info: name: WordPress Ultimate FAQs = 1.8.24 – Unauthenticated Options Import and Export author: daffainfo severity: high description: |...
Push Notification for Post and BuddyPress <= 1.93 - SQL Injection
Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to SQL Injection via the 'onesignalexternalid' and 'onesignalgetsubscriptionoptionsid' paramters in all versions up to, and including, 1.93 due to insufficient escaping on the user supplied parameter and lack of sufficie...