1360 matches found
Cross site scripting
The Loginizer WordPress plugin before 1.7.9 does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
AI-Engine < 1.6.83 - Admin+ Stored XSS
The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup. PoC Go to Meow Apps » AI Engine » Chatbot tab »...
IP Metaboxes <= 2.1.1 - Unauthenticated Reflected XSS
The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
AI ChatBot < 4.5.6 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape numerous settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against all admins when configuring the chatbot and against all clients when using the chatbot. PoC 1. Go to "Settings Language Settings ChatBot Keywords" 2...
WP Custom Cursors < 3.2 - Admin+ SQLi
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin. PoC 1. Add a new "WP Custom Cursor". 2. Return to the "WP Custom Cursors" page and click edit Cursor. 3. The WP Custom...
CVE-2023-31748
Insecure permissions in MobileTrans v4.0.11 allow attackers to escalate privileges to local admin via replacing the executable file...
Conditional Menus < 1.2.1 - Reflected XSS
The plugin does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC Make a logged-in admin open a page with the HTML code below...
Affiliate Me 5.0.1 SQL Injection
Exploit Title: Affiliate Me Version 5.0.1 - SQL Injection Exploit Date: May 16, 2023. CVSS 3.1: 6.4 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N Tactic: Initial Access TA0001 Technique: Exploit Public-Facing Application T1190 Application Name: Affiliate Me Application Version:...
Quiz Maker < 6.4.2.7 - Reflected XSS
The plugin does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC Make a logged-in admin open the URL below; other URLs are also affected...
ConvertKit < 2.2.1 - Reflected XSS
The plugin does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC Make a logged-in admin open a page with the code below...
Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.61 - Reflected XSS
The plugin does not sanitise and escape a parameter before outputting it back in the admin dashboard when the WPML plugin is also active and configured, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC Make a logged-in admin open a pag...
Get Your Number <= 1.1.3 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup. PoC 1. In the plugin's settings, enter the payload...
PT-2023-3477 · Wavlink · Wavlink Wl-Wn531Ax2
Name of the Vulnerable Software and Affected Versions: WAVLINK WL-WN531AX2 versions prior to 2023526 Description: The issue is related to client-side enforcement of server-side security, which may allow an attacker with administrative privilege to execute OS commands with the root privilege. This...
Slimstat Analytics < 5.0.5 - Admin+ SQLi
The plugin does not sanitise and escape the misclimitresults parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
Cross site scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss Semalt Blocker plugin <= 1.1.3 versions...
Cross site scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb ur Rehman Simple PopUp plugin <= 1.8.6 versions...
Hostel < 1.1.5.2 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup. PoC 1. Go to Manage Rooms and click on "Click her...
CVE-2023-23732
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Disqus Conditional Load plugin <= 11.0.6 versions...
CVE-2023-1806
The WP Inventory Manager WordPress plugin before 2.1.0.12 does not sanitise and escape the message parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...
CVE-2023-0894
The Pickup | Delivery | Dine-in date time WordPress plugin through 1.0.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in...