Lucene search
+L

1352 matches found

attackerkb
attackerkb
added 2023/08/31 6:15 a.m.4 views

CVE-2023-2173

The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.7.1.6. This is due to improper validation and authorization checks within the badgeosdeletestepajaxhandler, badgeosdeleteawardstepajaxhandler, badgeosdeletedeductstepajaxhandler,...

6.5CVSS6AI score0.00519EPSS
Exploits0References6
nvd
nvd
added 2023/08/31 6:15 a.m.11 views

CVE-2023-2173

The BadgeOS plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.7.1.6. This is due to improper validation and authorization checks within the badgeosdeletestepajaxhandler, badgeosdeleteawardstepajaxhandler, badgeosdeletedeductstepajaxhandler,...

6.5CVSS6.3AI score0.00519EPSS
Exploits0References5
prion
prion
added 2023/08/31 6:15 a.m.14 views

Cross site scripting

The CHP Ads Block Detector plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings reachable though an AJAX action in versions up to, and including, 3.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

4.9CVSS5.1AI score0.00476EPSS
Exploits0References4Affected Software1
prion
prion
added 2023/08/31 6:15 a.m.16 views

Information disclosure

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mffirstname' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about arbitrar...

4CVSS5.2AI score0.0046EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2023/08/31 5:33 a.m.23 views

CVE-2023-2354 CHP Ads Block Detector <= 3.9.4 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The CHP Ads Block Detector plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings reachable though an AJAX action in versions up to, and including, 3.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

4.9CVSS5.3AI score0.00476EPSS
Exploits0References4
cvelist
cvelist
added 2023/08/31 5:33 a.m.27 views

CVE-2023-3999 Waiting: One-click countdowns <= 0.6.2 - Missing Authorization

The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on its AJAX calls in versions up to, and including, 0.6.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to create and...

6.3CVSS6.3AI score0.00336EPSS
Exploits0References2
cvelist
cvelist
added 2023/08/30 11:29 a.m.23 views

CVE-2023-4600

The AffiliateWP for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'affwpactivateaddonspageplugin' function called via an AJAX action in versions up to, and including, 2.14.0. This makes it possible for authenticated attackers, with...

4.3CVSS4.8AI score0.00321EPSS
Exploits0References2
prion
prion
added 2023/08/16 5:15 a.m.20 views

Server side request forgery (ssrf)

The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the 'notifypingremote' AJAX function in versions up to, and including, 1.2.12. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locatio...

5.5CVSS5.8AI score0.00539EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2023/08/16 4:36 a.m.31 views

CVE-2023-3958 WP Remote Users Sync <= 1.2.12 - Authenticated (Subscriber+) Server Side Request Forgery

The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the 'notifypingremote' AJAX function in versions up to, and including, 1.2.12. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locatio...

8.5CVSS8.5AI score0.00539EPSS
Exploits0References4
osv
osv
added 2023/08/15 9:15 a.m.6 views

CVE-2023-2916

The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'adminnotice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. ...

5.3CVSS5.7AI score0.20888EPSS
Exploits2References3
vulnrichment
vulnrichment
added 2023/08/15 8:32 a.m.17 views

CVE-2023-2916 InfiniteWP Client <= 1.11.1 - Authenticated (Subscriber+) Sensitive Information Exposure

The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'adminnotice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. ...

7.5CVSS6.7AI score0.20888EPSS
Exploits2References3
cve
cve
added 2023/08/09 3:36 a.m.2517 views

CVE-2023-4243

CVE-2023-4243 affects the FULL – Customer WordPress plugin. Root cause: improper authorization in the /install-plugin REST route allows authenticated users with subscriber-level or higher to install plugins from arbitrary remote locations, enabling potential code execution. Affected: FULL – Custo...

8.8CVSS8.7AI score0.00765EPSS
Exploits0References4Affected Software1
prion
prion
added 2023/07/27 7:15 a.m.12 views

Design/Logic Flaw

The ACF Photo Gallery Field plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient restriction on the 'apgprofileupdate' function in versions up to, and including, 1.9. This makes it possible for authenticated attackers, with subscriber-level permissions or...

4CVSS4.6AI score0.0041EPSS
Exploits0References3Affected Software1
prion
prion
added 2023/07/18 3:15 a.m.22 views

Design/Logic Flaw

The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pmuploadcsv' function in versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with subscriber-level permissions or above to import...

4CVSS4.6AI score0.00467EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2023/07/14 5:15 a.m.22 views

CVE-2023-2082

The "Buy Me a Coffee – Button and Widget Plugin" plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 3.6 due to insufficient sanitization and escaping on the 'text value set via the bmcpostreception action. This makes it possible for authenticated attacker...

6.4CVSS0.00596EPSS
Exploits1References4
prion
prion
added 2023/07/13 3:15 a.m.18 views

Deserialization of untrusted data

The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.0.1 via deserialization of untrusted input from the 'profile-pic-url' parameter. This allows authenticated attackers, with subscriber-level permissions and above, to inject a PHP...

6.5CVSS8.8AI score0.01126EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2023/07/13 2:4 a.m.21 views

CVE-2023-3343 User Registration <= 3.0.1 - Authenticated (Subscriber+) PHP Object Injection

The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.0.1 via deserialization of untrusted input from the 'profile-pic-url' parameter. This allows authenticated attackers, with subscriber-level permissions and above, to inject a PHP...

8.8CVSS7.5AI score0.01126EPSS
Exploits0References3
nvd
nvd
added 2023/07/12 5:15 a.m.23 views

CVE-2023-2562

The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...

4.3CVSS4.3AI score0.00458EPSS
Exploits0References2
nvd
nvd
added 2023/07/12 5:15 a.m.17 views

CVE-2023-2561

The Gallery Metabox for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the galleryremove function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to modify galleries attached to posts and pages with th...

4.3CVSS4.3AI score0.00409EPSS
Exploits0References2
attackerkb
attackerkb
added 2023/07/12 5:15 a.m.4 views

CVE-2023-2562

The Gallery Metabox for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the refreshmetabox function in versions up to, and including, 1.5. This makes it possible for subscriber-level attackers to obtain a list of images attached to a post...

4.3CVSS6.8AI score0.00458EPSS
Exploits0References3
Rows per page
Query Builder