80 matches found
CVE-2023-1016
The Intuitive Custom Post Order plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.1.4.1, due to insufficient escaping on the user supplied 'objects' and 'tags' parameters and lack of sufficient preparation in the 'updateoptions' function as well as the...
PT-2023-16691 · WordPress · Intuitive Custom Post Order
Name of the Vulnerable Software and Affected Versions: Intuitive Custom Post Order plugin for WordPress versions up to, and including, 3.1.3 Description: The issue arises from insufficient escaping on the user-supplied objects and tags parameters and a lack of sufficient preparation in the update...
CVE-2023-0584
The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'updateoptions' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change the 'vkfontawesomeversion' option to an arbitrar...
PT-2023-16383 · WordPress · Vk Blocks
Name of the Vulnerable Software and Affected Versions: VK Blocks plugin for WordPress versions up to, and including, 1.57.0.5 Description: The issue concerns improper authorization via the REST update options function. This allows authenticated attackers with contributor-level permissions or abov...
CVE-2023-0889
Themeflection Numbers WordPress plugin before 2.0.1 does not have authorisation and CSRF check in an AJAX action, and does not ensure that the options to be updated belong to the plugin. As a result, it could allow any authenticated users, such as subscriber, to update arbitrary blog options, suc...
CVE-2022-3451
The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options...
PT-2022-22186 · WordPress · Product Stock Manager
Name of the Vulnerable Software and Affected Versions: Product Stock Manager WordPress plugin version 1.0.4 and earlier Description: The issue affects the Product Stock Manager WordPress plugin, where multiple AJAX actions lack proper authorization and CSRF checks. This allows users with a role a...
WordPress plugin Profile Builder 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2022-1323
The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to the discyupdateoptions action, allowing any logged in users with privileges as low as Subscriber, to change Theme options by sending a crafted POST request...
PT-2022-13797 · WordPress · Discy
Name of the Vulnerable Software and Affected Versions: Discy WordPress theme versions prior to 5.0 Description: The issue allows any logged-in users, with privileges as low as Subscriber, to change theme options by sending a crafted POST request to the "discy update options" action due to a lack ...
CVE-2022-0952
The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as...
PT-2022-6789 · Click5 · Sitemap
Name of the Vulnerable Software and Affected Versions: Sitemap by click5 WordPress plugin versions prior to 1.0.36 Description: The issue is related to the lack of authorization and CSRF checks when updating options via a REST endpoint, and the failure to ensure that the option to be updated...
WordPress plugin 跨站请求伪造漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. The WordPress plugin suffers from a cross-site reques...
Why You Should Consider QEMU Live Patching
Sysadmins know what the risks are of running unpatched services. Given the choice, and unlimited resources, most hardworking administrators will ensure that all systems and services are patched consistently. But things are rarely that simple. Technical resources are limited, and patching can ofte...
Current Book <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin does not sanitize user input when an authenticated user adds Author or Book Title, then does not escape these values when outputting to the browser leading to an Authenticated Stored XSS Cross-Site Scripting issue. 1. Install WordPress 5.7.2 2. Install and activate Custom Book 3...
CVE-2019-14796
The mq-woocommerce-products-price-bulk-edit aka Woocommerce Products Price Bulk Edit plugin 2.0 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=updateoptions showproductspagelimit parameter...
PT-2019-13841 · Woocommerce · Mq-Woocommerce-Products-Price-Bulk-Edit
Name of the Vulnerable Software and Affected Versions: mq-woocommerce-products-price-bulk-edit plugin version 2.0 Description: The issue allows for XSS via the "wp-admin/admin-ajax.php?action=update options" API endpoint, specifically through the show products page limit parameter. Recommendation...
CVE-2019-6703
Incorrect access control in miglaajaxfunctions.php in the Calmar Webmedia Total Donations plugin through 2.0.5 for WordPress allows unauthenticated attackers to update arbitrary WordPress option values, leading to site takeover. These attackers can send requests to wp-admin/admin-ajax.php to call...
Cross site scripting
Cross-site scripting XSS vulnerability in the Easy MailChimp Forms plugin 3.0 through 5.0.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the updateoptions action to wp-admin/admin-ajax.php...
ROS-2-2353
2.2353 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...