
Source: Cvelist
Added 2023/01/27 5:57 p.m.

CVE-2021-39217 OpenMage LTS arbitrary command execution in custom layout update through blocks

OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, Custom Layout enabled admin users to execute arbitrary commands via block methods. Versions 19.4.22 and 20.0.19 contain patches for this issue...

CVSS 7.2 · AI score 7.5 · EPSS 0.01319
Exploits 0 · References 4
Source: OSV
Added 2023/01/27 12:54 a.m.

GHSA-5VPV-XMCJ-9Q85 Fix for arbitrary file deletion in customer media allows for remote code execution

Impact Magento admin users with access to the customer media could execute code on the server...

CVSS 7.2 · AI score 7 · EPSS 0.01293
Exploits 0 · References 6
Source: Github Security Blog
Added 2023/01/27 12:54 a.m.

Fix for arbitrary file deletion in customer media allows for remote code execution

Impact Magento admin users with access to the customer media could execute code on the server...

CVSS 7.2 · AI score 6.7 · EPSS 0.01293
Exploits 0 · References 6 · Affected Software 1
Source: OSV
Added 2023/01/27 12:54 a.m.

GHSA-C9Q3-R4RV-MJM7 Fix for arbitrary command execution in custom layout update through blocks

Impact Custom Layout enabled admin users to execute arbitrary commands via block methods...

CVSS 7.2 · AI score 7.2 · EPSS 0.01319
Exploits 0 · References 6
Source: Github Security Blog
Added 2023/01/27 12:54 a.m.

Fix for arbitrary command execution in custom layout update through blocks

Impact Custom Layout enabled admin users to execute arbitrary commands via block methods...

CVSS 7.2 · AI score 7.3 · EPSS 0.01319
Exploits 0 · References 6 · Affected Software 1
Source: OSV
Added 2023/01/23 3:15 p.m.

CVE-2022-4751

The Word Balloon WordPress plugin before 4.19.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privileg...

CVSS 5.4 · AI score 5.8 · EPSS 0.00471
Exploits 2 · References 1
Source: Positive Technologies
Added 2023/01/23 12:00 a.m.

PT-2023-14989 · WordPress · Easyappointments

Name of the Vulnerable Software and Affected Versions: Easy Appointments WordPress plugin versions prior to 3.11.2 Description: The issue concerns a lack of validation and escaping of some shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site...

CVSS 5.4 · AI score 6.3 · EPSS 0.00471
Exploits 2 · References 4
Source: Positive Technologies
Added 2023/01/23 12:00 a.m.

PT-2023-15196 · WordPress · Structured Content

Name of the Vulnerable Software and Affected Versions: Structured Content WordPress plugin versions prior to 1.5.1 Description: The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins...

CVSS 5.4 · AI score 5.3 · EPSS 0.00471
Exploits 2 · References 4
Source: NVD
Added 2023/01/20 6:15 p.m.

CVE-2023-22910

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision- fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs...

CVSS 5.4 · AI score 5.3 · EPSS 0.00516
Exploits 1 · References 1
Source: Prion
Added 2023/01/20 6:15 p.m.

Code injection

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision- fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs...

CVSS 4.9 · AI score 5.3 · EPSS 0.00516
Exploits 1 · References 1 · Affected Software 1
Source: Prion
Added 2023/01/19 6:15 p.m.

Cross site scripting

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...

CVSS 4.9 · AI score 5.4 · EPSS 0.00682
Exploits 1 · References 1 · Affected Software 1
Source: Vulnrichment
Added 2023/01/19 5:02 p.m.

CVE-2022-47196

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...

CVSS 9 · AI score 6.1 · EPSS 0.00682
Exploits 1 · References 1
Source: WPVulnDB
Added 2023/01/17 12:00 a.m.

Simple URLs < 115 - Multiple Reflected XSS

The plugin does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC https://example.com/wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=...

CVSS 6.1 · AI score 5.6 · EPSS 0.01726
Exploits 6 · Affected Software 1
Source: OSV
Added 2023/01/16 4:15 p.m.

CVE-2022-4199

The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVSS 4.8 · AI score 5.8
Exploits 0 · References 1
Source: OSV
Added 2023/01/16 4:15 p.m.

CVE-2022-2658

The WP Spell Check WordPress plugin before 9.13 does not escape ignored words, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVSS 4.8 · AI score 5.8 · EPSS 0.0047
Exploits 2 · References 1
Source: Prion
Added 2023/01/16 4:15 p.m.

Cross site scripting

The Real Testimonials WordPress plugin before 2.6.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVSS 4.9 · AI score 5.3 · EPSS 0.00471
Exploits 2 · References 1 · Affected Software 1
Source: Vulnrichment
Added 2023/01/16 3:37 p.m.

CVE-2022-4199 Link Library < 7.4.1 - Admin+ Stored XSS

The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

AI score 5.5 · EPSS 0.0047
Exploits 2 · References 1
Source: Cvelist
Added 2023/01/16 3:37 p.m.

CVE-2022-4547 Conditional Payment Methods for WooCommerce <= 1.0 - Admin+ SQLi

The Conditional Payment Methods for WooCommerce WordPress plugin through 1.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

AI score 7.6 · EPSS 0.00945
Exploits 2 · References 2
Source: OSV
Added 2023/01/02 10:15 p.m.

CVE-2022-4329

The Product list Widget for Woocommerce WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both unauthenticated and authenticated users such as high privilege one like...

CVSS 6.1 · AI score 5.8
Exploits 0 · References 1
Source: OSV
Added 2023/01/02 10:15 p.m.

CVE-2022-4369

The WP-Lister Lite for Amazon WordPress plugin before 2.4.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which can be used against high-privilege users such as admin...

CVSS 6.1 · AI score 5.8 · EPSS 0.00486
Exploits 2 · References 1