
41 matches found

NVD
added yesterday · 3 views

CVE-2026-5415

The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.38. This is due to the ajaxruntool AJAX handler relying solely on a nonce check...

8.8 CVSS
Exploits 0 · References 2
CVE
added 2026/05/23 4:27 a.m. · 23 views

CVE-2026-6419

Vulnerability summary (CVE-2026-6419) : The WishList Member WordPress plugin is affected on versions up to 3.30.1 by a missing authorization check in ajax_get_screen(), allowing authenticated users with Subscriber-level access or higher to pass an admin screen via data[url] and load the administr...

8.8 CVSS · 5.9 AI score · 0.00044 EPSS
Exploits 0 · References 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-1921

Malware in sbrugna...

10 CVSS · 9.1 AI score · 0.00451 EPSS
Exploits 0 · References 2
Positive Technologies
added 2024/12/18 12:0 a.m. · 3 views

PT-2024-17513 · WordPress · Crm Wordpress Plugin – Repairbuddy

Name of the Vulnerable Software and Affected Versions: CRM WordPress Plugin – RepairBuddy versions up to 3.8120 Description: The issue arises from the plugin not properly validating a user's identity before updating their email through the wc update user data AJAX action. This allows authenticate...

8.8 CVSS · 9.7 AI score · 0.00218 EPSS
Exploits 0 · References 11
CVE
added 2024/10/16 7:31 a.m. · 49 views

CVE-2020-36840

The vulnerability CVE-2020-36840 affects the WordPress plugin Timetable and Event Schedule by MotoPress (versions up to 2.3.8). It is an authorization bypass caused by a missing capability check on the wp_ajax_route_url() function invoked via a nopriv AJAX action. This allows unauthenticated atta...

9.8 CVSS · 7.6 AI score · 0.00362 EPSS
Exploits 0 · References 2 · Affected Software 1
wpexploit
added 2023/10/09 12:0 a.m. · 163 views

EventPrime < 3.2.0 - Booking Creation via CSRF

Description: The plugin does not have CSRF checks when creating bookings, which could allow attackers to make logged-in users create unwanted bookings via CSRF attacks. Create an Event, noting its ID. Add a ticket type to the Event (the details don't matter). As a logged-in user, visit a page with t...

4.3 CVSS · 4.7 AI score · 0.0014 EPSS
Exploits 2
Prion
added 2023/06/07 2:15 a.m. · 12 views

Authorization

The uListing plugin for WordPress is vulnerable to authorization bypass via Ajax due to missing capability checks, missing input validation, and a missing security nonce in the stmupdateemaildata AJAX action in versions up to, and including, 1.6.6. This makes it possible for unauthenticated...

7.5 CVSS · 9.3 AI score · 0.00237 EPSS
Exploits 1 · References 2 · Affected Software 1
wpexploit
added 2022/10/10 12:0 a.m. · 574 views

Ocean Extra < 2.0.5 - Admin+ PHP Objection Injection

The plugin unserialises the content of an imported file, which could lead to PHP object injection issues when a high-privilege user imports (intentionally or not) a malicious Customizer Styling file and a suitable gadget chain is present on the blog. To simulate a gadget chain, put the following co...

7.2 CVSS · 0.4 AI score · 0.00908 EPSS
Exploits 2
wpexploit
added 2022/08/15 12:0 a.m. · 218 views

Multivendor Marketplace Solution for WooCommerce < 3.8.12 - Unauthorised AJAX Calls

The plugin is lacking authorisation and CSRF checks in multiple AJAX actions, which could allow any authenticated user, such as a subscriber, to call them and suspend vendors (reported by the submitter) or update arbitrary order status (identified by WPScan when verifying the issue), for example. Other...

4.3 CVSS · 0.8 AI score · 0.00107 EPSS
Exploits 2
Cvelist
added 2022/01/03 12:49 p.m. · 12 views

CVE-2021-24831 Tab - Accordion, FAQ < 1.3.2 - Unauthenticated AJAX Calls

All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such as add/edit/delete arbitrary tabs...

7.7 AI score · 0.00898 EPSS
Exploits 2 · References 1
Prion
added 2021/04/05 7:15 p.m. · 11 views

Design/Logic Flaw

The AJAX action, wpajaxninjaformssendwpremoteinstallhandler, did not have a capability check on it, nor did it have any nonce protection, therefore making it possible for low-level users, such as subscribers, to install and activate the SendWP Ninja Forms Contact Form – The Drag and Drop Form...

6.5 CVSS · 8.6 AI score · 0.00603 EPSS
Exploits 2 · References 2 · Affected Software 1
seebug.org
added 2014/07/01 12:0 a.m. · 13 views

Douran 3.9.7.8 File Download/Source Code Disclosure Vulnerability

No description provided by source. Title: Douran Portal File Download/Source Code Disclosure Vulnerability Date of Publishing: 16 March 2010 Application Name: Douran Portal Version: 3.9.7.8 Impact: Medium Vendor: www.douran.com Link: http://douran.com/HomePage.aspx?TabID=4862 Vendor Responses: Th...

7.1 AI score
Exploits 0
The Hacker News
added 2014/05/14 5:12 a.m. · 18 views

Iranian Ajax Security Team targets US Defense Industry

The Iranian hacking group, which calls itself the “Ajax Security Team”, has been quite famous over the last few years for website defacement attacks, and then suddenly went dark for the past few months. But that doesn't mean that the group was inactive; rather than defacing websites, the group was...

6.6 AI score
Exploits 0
ThreatPost
added 2014/05/13 2:7 p.m. · 19 views

Iranian Hackers Target US Defense Contractors

An Iranian hacking group has moved from politically motivated website defacements to a new specialty – cyberespionage. The group known as the Ajax Security Team has been outed as the perpetrators of a number of espionage operations against U.S.-based defense contractors in addition to targeting...

1.1 AI score
Exploits 0 · References 4
Packet Storm
added 2012/09/08 12:0 a.m. · 26 views

Keralainfotech CMS SQL Injection

Exploit Title: Keralainfotech CMS sql injection Google Dork: "Powered by Keralainfotech.com" Date: 9/7/2012 Author: Ajax Security Team Discovered By: Crim3R Home: WwW.AjaxTm.CoM Vendor Software: http://keralainfotech.com/ Version: All Version Category:: webapps Tested on: GNU/Linux Ubuntu - Windo...

0.4 AI score
Exploits 0
Packet Storm
added 2012/09/08 12:0 a.m. · 24 views

Sichkg CMS SQL Injection

Exploit Title: sichkg CMS SQL Injection Vulnerability Google Dork: "Powered by sichkg.com" Date: 9/7/2012 Author: Ajax Security Team Discovered By: Crim3R Home: WwW.AjaxTm.CoM Vendor Software: http://www.sichkg.com Version: All Version Category:: webapps Tested on: GNU/Linux Ubuntu - Windows Serv...

0.3 AI score
Exploits 0
Packet Storm
added 2012/09/08 12:0 a.m. · 15 views

Jajitech IT Solutions CMS SQL Injection

Exploit Title: Jajitech IT Solutions CMS sql injection Google Dork: "Powered by Jajitech IT Solutions" Date: 9/7/2012 Author: Ajax Security Team Discovered By: Crim3R Home: WwW.AjaxTm.CoM Vendor Software: http://www.jajitech.net/ Version: All Version Category:: webapps Tested on: GNU/Linux Ubuntu...

Exploits 0
Packet Storm
added 2012/09/08 12:0 a.m. · 21 views

EasyWebTime V.2007 CMS SQL Injection

Exploit Title: EasyWebTime V.2007 CMS sql injection Google Dork: "Powered by EasyWebTime V.2007" Date: 9/7/2012 Author: Ajax Security Team Discovered By: Crim3R Home: WwW.AjaxTm.CoM Vendor Software: http://www.bizpotential.com/main.php?filename=easywebtime Version: All Version Category:: webapps...

0.3 AI score
Exploits 0
Packet Storm
added 2012/09/08 12:0 a.m. · 25 views

Shadow infosystem CMS SQL Injection

Exploit Title: Shadow infosystem CMS sql injection Google Dork: "Powerd by Shadow infosystem" Date: 9/7/2012 Author: Ajax Security Team Discovered By: Crim3R Home: WwW.AjaxTm.CoM Vendor Software: http://www.shadowinfosystem.com/ Version: All Version Category:: webapps Tested on: GNU/Linux Ubuntu ...

Exploits 0
Packet Storm
added 2012/09/08 12:0 a.m. · 18 views

Detna CMS SQL Injection

Exploit Title: Detna CMS sql injection Google Dork: "Powerd by Detna" Date: 9/7/2012 Author: Ajax Security Team Discovered By: Crim3R Home: WwW.AjaxTm.CoM Vendor Software: http://www.detna.com/ Version: All Version Category:: webapps Tested on: GNU/Linux Ubuntu - Windows Server - win7...

0.7 AI score
Exploits 0