CVE-2023-2436

The Blog-in-Blog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bloginblog' shortcode in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

CVE-2023-2436

The Blog-in-Blog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bloginblog' shortcode in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

File Manager Advanced Shortcode <= 2.3.2 - Unauthenticated Remote Code Execution through shortcode

The plugin does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users. PoC 1. Add the following shortcode to ...

PT-2023-10287 · Meitar · Meitar Inline Google Spreadsheet Viewer Plugin

Name of the Vulnerable Software and Affected Versions: meitar Inline Google Spreadsheet Viewer Plugin versions up to 0.9.6 Description: A vulnerability was found in the meitar Inline Google Spreadsheet Viewer Plugin, which is classified as problematic. The issue affects the displayShortcode...

WordPress Plugin Favorites 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

File Manager Advanced Shortcode <= 2.3.2 - Unauthenticated Remote Code Execution through shortcode

The plugin does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users. 1. Add the following shortcode to a...

PT-2023-19527 · WordPress · Blog-In-Blog

Name of the Vulnerable Software and Affected Versions: Blog-in-Blog plugin for WordPress versions up to, and including, 1.1.1 Description: The issue allows editor-level and above attackers to include and execute arbitrary files on the server via a shortcode attribute, potentially bypassing access...

CVE-2022-4676

The OSM WordPress plugin through 6.01 does not validate and escape some of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

CVE-2022-4676

The OSM WordPress plugin through 6.01 does not validate and escape some of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

Cross site scripting

The OSM WordPress plugin through 6.01 does not validate and escape some of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

Blog-in-Blog <= 1.1.1 - Editor+ Stored Cross-Site Scripting via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back into the page, which could allow users with an editor role or above to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins...

Blog-in-Blog <= 1.1.1 - Editor+ Local File Inclusion via Shortcode

The plugin does not validate a shortcode attribute before using it to include a template file, allowing users with an editor role or above to include arbitrary files readable by the web server, and execute them in case of php files...

PT-2023-15018 · WordPress · Osm Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: OSM WordPress plugin versions through 6.01 Description: The issue concerns the OSM WordPress plugin, where it fails to validate and escape certain shortcode attributes. This could allow users with a role as low as contributor to perform a...

Favorites < 2.3.3 - Contributor+ Stored Cross-Site Scripting via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back into the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins...

WordPress Google Map Shortcode Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Google Map Shortcode Type Plugin Vulnerable versions = 3.1.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2899 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c83d68b2188f Credits Lana Codes...

SlideOnline <= 1.2.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC The PoC will be displayed once the issue...

Google Map Shortcode <= 3.1.2 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin PoC Note: The...

PT-2023-19854 · WordPress · The Go Pricing - Wordpress Responsive Pricing Tables

Name of the Vulnerable Software and Affected Versions: The Go Pricing - WordPress Responsive Pricing Tables plugin versions up to, and including, 3.3.19 Description: The issue allows authenticated attackers with subscriber-level permissions and above to inject a PHP Object via deserialization of...

W3 Eden Addresses Authenticated Stored XSS Vulnerability in Download Manager WordPress Plugin

On April 25, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a stored Cross-Site Scripting XSS vulnerability in W3 Eden’s Download Manager plugin, which is actively installed on more than 100,000 WordPress websites, making it one of the mos...

WordPress 5.9.x < 5.9.7 Shortcode Execution

According to its self-reported version number, the detected WordPress application is affected by a shortcode execution in user generated content. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...