Page/Post Content Shortcode <= 1.0 - Contributor+ Arbitrary Posts/Pages Access
The plugin does not have proper authorisation in place, allowing users with a role as low as Contributor to access draft/private/password-protected/trashed posts/pages they should not be allowed to, including posts created by other users such as admins and editors. PoC: As a contributor, add the...
WordPress Similar Posts Plugin Code Injection Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code injection vulnerability exists in WordPress Similar Posts plugin 3.1.5 and earlier versions, which...
CVE-2021-24840 Squaretype Modern Blog < 3.0.4 - Unauthenticated Private/Schedule Posts Disclosure
The Squaretype WordPress theme before 3.0.4 allows unauthenticated users to manipulate the query vars used to retrieve the posts to display in one of its REST endpoints, without any validation. As a result, private and scheduled posts could be retrieved via a crafted request...
CVE-2021-24783 Post Expirator < 2.6.0 - Contributor+ Arbitrary Post Schedule Deletion
The Post Expirator WordPress plugin before 2.6.0 does not have proper capability checks in place, which could allow users with a role as low as Contributor to schedule deletion of arbitrary posts...
CVE-2021-24788 Batch Cat <= 0.3 - Subscriber+ Arbitrary Categories Add/Set/Delete to Posts
The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actions, which all require authentication but are available to all roles. As a result, any authenticated user, including simple subscribers, can add/set/delete arbitrary categories to posts...
CVE-2021-24537
The Similar Posts WordPress plugin through 3.1.5 allows high-privilege users to execute arbitrary PHP code in a hardened environment, i.e. with DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS and DISALLOW_UNFILTERED_HTML set to true, via the 'widget_rrm_similar_posts_condition' widget setting of the plugin...
CVE-2021-24537
The CVE-2021-24537 issue affects the WordPress Similar Posts plugin up to version 3.1.5, where a high-privilege user can execute arbitrary PHP code via the widget_rrm_similar_posts_condition setting. The underlying vulnerability stems from allowing crafted payloads in the widget to run code in a ...
WordPress plugin access control error vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Plugin is an open-source WordPress application plugin. An access control error vulnerability exists in the...
WordPress Accept Donations with PayPal plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. The WordPress Accept Donations with PayPal plugin in versions prior to 1.3.1 has a cross-site request forgery...
CVE-2021-24781
The Image Source Control WordPress plugin before 2.3.1 allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts, even those they should not be able to edit...
CVE-2021-24572
The Accept Donations with PayPal WordPress plugin before 1.3.1 provides a function to create donation buttons, which are internally stored as posts. The deletion of a button is not CSRF protected, and there is no check that the deleted post was actually a button post. As a result, an attacker could...