84721 matches found
Protect WP Admin < 4.0 - Unauthenticated Protection Bypass
The Protect WP Admin WordPress plugin before version 4.0 disclosed the URL of the admin panel through the redirection of a crafted URL, bypassing the protection offered. id: CVE-2023-3139 info: name: Protect WP Admin 4.0 - Unauthenticated Protection Bypass author: popcorn94 severity: medium...
EventON Lite <= 2.4 - Authenticated Local File Inclusion
Ashan Perera EventON contains a PHP remote file inclusion caused by improper control of filename in include/require statements, letting attackers include local files, exploit requires attacker to control include filename. id: CVE-2025-32614 info: name: EventON Lite = 2.4 - Authenticated Local Fil...
The Opal Estate Pro – Property Management <= 1.7.5 - Unauthenticated Privilege Escalation
The Opal Estate Pro plugin ≤ 1.7.5 is vulnerable to privilege escalation. Due to missing role restrictions in the onregisteruser function, users can register with any role. This allows unauthenticated attackers to create administrator accounts. id: CVE-2025-6934 info: name: The Opal Estate Pro –...
OttoKit < 1.0.83 - SureTriggers allows Privilege Escalation
Incorrect Privilege Assignment vulnerability in Brainstorm Force SureTriggers allows Privilege Escalation.This issue affects SureTriggers- from n/a through 1.0.82. id: CVE-2025-27007 info: name: OttoKit 1.0.83 - SureTriggers allows Privilege Escalation author: iamnoooob,rootxharsh,pdresearch...
Simple URLs < 115 - Cross Site Scripting
The plugin does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-0099 info: name: Simple URLs 115 - Cross Site Scripting author: r3Y3r53 severit...
WP-Optimize WordPress plugin < 3.2.13 - Cross-Site Scripting
The WP-Optimize WordPress plugin before 3.2.13 and SrbTransLatin WordPress plugin before 2.4.1 are vulnerable to cross-site scripting due to a third-party library that improperly handles HTML character escaping. id: CVE-2023-1119 info: name: WP-Optimize WordPress plugin 3.2.13 - Cross-Site...
System Dashboard < 2.8.10 - Cross-Site Scripting
The System Dashboard WordPress plugin before 2.8.10 does not sanitize and escape some parameters, which could allow administrators in multisite WordPress configurations to perform Cross-Site Scripting attacks through header injection, specifically in the X-Forwarded-For header. id: CVE-2023-7246...
News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Local File Inclusion
The News & Blog Designer Pack WordPress plugin up to version 3.4.1 contains a remote code execution caused by local file inclusion in the bdpgetmorepost function, letting unauthenticated attackers include arbitrary PHP files, exploit requires AJAX request with crafted POST data. id: CVE-2023-5815...
RestroPress 3.0.0-3.2.1 - Authentication Bypass
RestroPress Online Food Ordering System WordPress plugin 3.0.0 to 3.1.9.2 contains an authentication bypass caused by exposure of user private tokens and API data via /wp-json/wp/v2/users endpoint, letting unauthenticated attackers forge JWT tokens and authenticate as other users including...
JS Help Desk <= 2.8.1 - SQL Injection
The JS Help Desk – Best Help Desk & Support Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘email' and 'trackingid' parameters in all versions up to 2.8.2 exclusive due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
WP BASE Booking - Reflected XSS
WP BASE Booking of Appointments, Services and Events WordPress plugin 5.0.0 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before output, letting attackers execute malicious scripts in high privilege users' browsers, exploit requires victim to...
AffiliateImporterEb <= 1.0.6 - Reflected XSS
AffiliateImporterEb WordPress plugin through 1.0.6 contains a reflected XSS caused by unsanitized and unescaped parameter output, letting attackers execute scripts against high privilege users such as admin, exploit requires crafted request. id: CVE-2024-12732 info: name: AffiliateImporterEb =...
Tutor LMS <= 2.1.10 - SQL Injection
Tutor LMS – eLearning and online course solution plugin for WordPress all versions up to 2.6.1 contains a time-based SQL Injection caused by insufficient escaping on the questionid parameter in SQL queries, letting authenticated attackers with subscriber or higher access extract sensitive...
Masteriyo LMS <= 1.7.2 - Unauthenticated Privilege Escalation
The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the updateloggedinuser function in all versions up to, and including, 1.7.2. This makes it possible for unauthenticated attackers t...
LearnPress < 4.2.7.1 - SQL Injection
The LearnPress WordPress LMS Plugin before 4.2.7.1 is vulnerable to unauthenticated SQL injection via the 'cfields' parameter in the /wp-json/lp/v1/courses/archive-course REST API endpoint, allowing attackers to extract sensitive information from the database. id: CVE-2024-8529 info: name:...
WordPress Stacks Mobile App Builder <=5.2.3 - Authentication Bypass
Stacks Mobile App Builder WordPress plugin ≤ 5.2.3 suffers from an authentication bypass vulnerability via improper handling of query parameters, allowing attackers to impersonate arbitrary users. id: CVE-2024-50477 info: name: WordPress Stacks Mobile App Builder =5.2.3 - Authentication Bypass...
Templately <= 3.1.2 - Broken Access Control
Templately allow an attacker to logout users who signed in to their templately account, so you can sign in your templately account to exploit this vulnerability. Go to http://IP/wordpress/wp-admin/admin.php?page=templately&path=sign-in to sign in then logout. id: CVE-2024-47308 info: name:...
Sunshine Photo Cart <= 3.2.5 - Reflected Cross-Site Scripting
WP Sunshine Sunshine Photo Cart versions up to 3.2.5 contain a reflected cross-site scripting caused by improper input neutralization during web page generation, letting attackers execute malicious scripts in users' browsers, exploit requires attacker to craft malicious input. id: CVE-2024-43971...
SendGrid for WordPress <= 1.4 - SQL Injection
Smackcoders SendGrid for WordPress affected versions 1.4 and below contains a SQL injection caused by improper neutralization of special elements used in an SQL command, letting attackers execute arbitrary SQL queries, exploit requires crafted input. id: CVE-2024-43965 info: name: SendGrid for...
Post Sync Plugin <= 1.1 - Cross-Site Scripting
Post Sync WordPress plugin = 1.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a maliciou...