WordPress plugin Custom Content Shortcode 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A path traversal vulnerability exists in WordPress...

WordPress plugin GetResponse 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2023-16613 · WordPress · Shortcodes Ultimate

Name of the Vulnerable Software and Affected Versions: WordPress Shortcodes Plugin — Shortcodes Ultimate versions prior to 5.12.8 Description: The issue allows any authenticated users, such as subscribers, to retrieve arbitrary user meta, excluding the user pass, via the user shortcode. This...

WordPress plugin React Webcam 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

Scheduled Announcements Widget < 1.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Note: First you need to add an...

PT-2023-16061 · WordPress · Responsive Clients Logo Gallery Plugin

Name of the Vulnerable Software and Affected Versions: The Responsive Clients Logo Gallery Plugin for WordPress versions 1.1.9 and earlier Description: The issue arises from the plugin's failure to validate and escape some of its shortcode attributes before outputting them in a page or post,...

PT-2023-16193 · WordPress · Custom Content Shortcode

Name of the Vulnerable Software and Affected Versions: Custom Content Shortcode WordPress plugin versions 4.0.2 and earlier Description: The Custom Content Shortcode WordPress plugin does not validate one of its shortcode attributes, which could allow users with a contributor role and above to...

PT-2023-16053 · WordPress · Getresponse

Name of the Vulnerable Software and Affected Versions: GetResponse for WordPress plugin versions 5.5.31 and earlier Description: The issue arises from the plugin's failure to validate and escape certain shortcode attributes before outputting them in a page or post where the shortcode is embedded...

WordPress plugin WPB Advanced FAQ 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2023-16215 · WordPress · React Webcam Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: React Webcam WordPress plugin version 1.2.0 Description: The issue is related to the React Webcam WordPress plugin, which does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the...

WordPress Profile Builder 3.9.0 Missing Authorization

Description: Profile Builder – User Profile & User Registration Forms get’. Finally, the function returns the value of the retrieved ‘key’ for the given ‘userid’. During this process, capability checks are not properly implemented to ensure that the user executing the function is authorized to...

WordPress Profile Builder 3.9.0 Missing Authorization Vulnerability

WordPress Profile Builder plugin versions 3.9.0 and below suffer from a missing authorization vulnerability in wppbtoolboxusermetahandler. Description: Profile Builder – User Profile & User Registration Forms get’. Finally, the function returns the value of the retrieved ‘key’ for the given...

Vulnerability Patched in Cozmolabs Profile Builder Plugin – Information Disclosure Leads to Account Takeover

Hundreds, if not thousands of WordPress plugins are conceived with the idea of making site building and maintenance easier for site owners. They add features not available in WordPress Core that would otherwise require site owners to write their own code to extend functionality. However, these...

CVE-2023-0172

The Juicer WordPress plugin before 1.11 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-0073

The Client Logo Carousel WordPress plugin through 3.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2022-4661

The Widgets for WooCommerce Products on Elementor WordPress plugin before 1.0.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

CVE-2023-0749

The Ocean Extra WordPress plugin before 2.1.3 does not ensure that the template to be loaded via a shortcode is actually a template, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, such as draft, private or even password protected ones...

CVE-2023-0066

The Companion Sitemap Generator WordPress plugin through 4.5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scriptin...

CVE-2023-0172

The Juicer WordPress plugin before 1.11 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-0538

The Campaign URL Builder WordPress plugin before 1.8.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...