8984 matches found

Positive Technologies
added 2023/03/06 12:00 a.m. · 6 views

PT-2023-15993 · WordPress · Download Attachments

Name of the Vulnerable Software and Affected Versions: Download Attachments WordPress plugin versions prior to 1.3. Description: The issue concerns the Download Attachments WordPress plugin, which does not validate and escape some of its shortcode attributes before outputting them back in a page o...

CVSS 5.4 · AI score 5.2 · EPSS 0.00482
Exploits: 1 · References: 6

CNNVD
added 2023/03/06 12:00 a.m. · 3 views

WordPress plugin Cost Calculator cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS 5.4 · AI score 5.5 · EPSS 0.00471
Exploits: 2 · References: 2

CNNVD
added 2023/03/06 12:00 a.m. · 3 views

WordPress plugin Product GTIN for WooCommerce cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS 5.4 · AI score 5.5 · EPSS 0.00471
Exploits: 2 · References: 2

CNNVD
added 2023/03/06 12:00 a.m. · 2 views

WordPress plugin i2 Pros & Cons cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS 5.4 · AI score 5.5 · EPSS 0.00471
Exploits: 2 · References: 2

CNNVD
added 2023/03/06 12:00 a.m. · 5 views

WordPress plugin Download Attachments cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS 5.4 · AI score 5.5 · EPSS 0.00482
Exploits: 1 · References: 3

CNNVD
added 2023/03/06 12:00 a.m. · 4 views

WordPress plugin WPaudio MP3 Player cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVSS 5.4 · AI score 5.5 · EPSS 0.00743
Exploits: 1 · References: 2

CNNVD
added 2023/03/06 12:00 a.m. · 4 views

WordPress plugin Advanced Recent Posts cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

CVSS 5.4 · AI score 5.4 · EPSS 0.00471
Exploits: 2 · References: 2

Patchstack
added 2023/03/03 12:00 a.m. · 19 views

WordPress Custom Content Shortcode Plugin <= 4.0.2 is vulnerable to Local File Inclusion

Software: Custom Content Shortcode · Type: Plugin · Vulnerable versions: <= 4.0.2 · Fixed in: N/A · OWASP Top 10: A1: Injection · Classification: Local File Inclusion · CVE: CVE-2023-0340 · Patch priority: Medium · CVSS severity: Medium 7.1 · PSID: 54e338b50ba0 · Credits: Erwan LR WPScan · Required...

CVSS 8.8 · AI score 7.2 · EPSS 0.01047
Exploits: 1 · References: 2 · Affected Software: 1

WPVulnDB
added 2023/03/03 12:00 a.m. · 13 views

Schedulicity - Easy Online Scheduling <= 2.21 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC schedulenowbutton bizkey='"...

CVSS 6.5 · AI score 5 · EPSS 0.0056
Exploits: 2 · Affected Software: 1

wpexploit
added 2023/03/03 12:00 a.m. · 137 views

WP Image Carousel <= 1.0.2 - Contributor+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks. 1. Go to the plugin settings and insert all the settings, then save. 2. Insert the following shortcode in a post/page: wpic speed='""; alert1...

CVSS 5.4 · AI score 5.8 · EPSS 0.00444
Exploits: 2

Patchstack
added 2023/03/03 12:00 a.m. · 10 views

WordPress Custom Content Shortcode Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS)

Software: Custom Content Shortcode · Type: Plugin · Vulnerable versions: <= 4.0.2 · Fixed in: N/A · OWASP Top 10: A7: Cross-Site Scripting XSS · Classification: Cross Site Scripting XSS · CVE: CVE-2023-0273 · Patch priority: Medium · CVSS severity: Medium 6.5 · PSID: 7095ed7eafad · Credits: Lana Codes...

CVSS 5.4 · AI score 5.7 · EPSS 0.00444
Exploits: 1 · References: 3 · Affected Software: 1

WPVulnDB
added 2023/03/02 12:00 a.m. · 18 views

Simple Vimeo Shortcode <= 2.9.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

AI score 5.8 · EPSS 0.00361
Exploits: 0 · Affected Software: 1

Patchstack
added 2023/03/02 12:00 a.m. · 9 views

WordPress Simple Vimeo Shortcode Plugin <= 2.9.1 is vulnerable to Cross Site Scripting (XSS)

Software: Simple Vimeo Shortcode · Type: Plugin · Vulnerable versions: <= 2.9.1 · Fixed in: N/A · OWASP Top 10: A7: Cross-Site Scripting XSS · Classification: Cross Site Scripting XSS · CVE: CVE-2023-27443 · Patch priority: Low · CVSS severity: Low 6.5 · PSID: 98d54d5f546d · Credits: Mika · Required...

CVSS 6.5 · AI score 6 · EPSS 0.00361
Exploits: 0 · References: 1 · Affected Software: 1

wpexploit
added 2023/03/01 12:00 a.m. · 107 views

menu shortcode <= 1.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Exploit shortcode: redirect duration="1"...

CVSS 5.4 · AI score 5.6 · EPSS 0.00462
Exploits: 2

WPVulnDB
added 2023/02/28 12:00 a.m. · 17 views

NEX-Forms < 8.3.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC: 1. Add a form 2. Insert the following...

CVSS 5.4 · AI score 5.4 · EPSS 0.00503
Exploits: 2 · Affected Software: 1

OSV
added 2023/02/27 4:15 p.m. · 1 view

CVE-2023-0539

The GS Insever Portfolio WordPress plugin before 1.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 5.4 · AI score 6.7 · EPSS 0.00528
Exploits: 2 · References: 1

OSV
added 2023/02/27 4:15 p.m. · 2 views

CVE-2023-0535

The Donation Block For PayPal WordPress plugin before 2.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

CVSS 5.4 · AI score 6.7 · EPSS 0.00466
Exploits: 2 · References: 1

OSV
added 2023/02/27 4:15 p.m. · 3 views

CVE-2023-0381

The GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statements, which could allow any authenticated user, such as a subscriber, to perform SQL Injection attacks...

CVSS 8.8 · AI score 7.4 · EPSS 0.01301
Exploits: 2 · References: 1

NVD
added 2023/02/27 4:15 p.m. · 58 views

CVE-2023-0381

The GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statements, which could allow any authenticated user, such as a subscriber, to perform SQL Injection attacks...

CVSS 8.8 · AI score 8.9 · EPSS 0.01301
Exploits: 2 · References: 1

OSV
added 2023/02/27 4:15 p.m. · 2 views

CVE-2022-4788

The Embed PDF WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 5.4 · AI score 5.8 · EPSS 0.0049
Exploits: 2 · References: 1