1339 matches found
CVE-2018-20837
include/admin/Menu/Ajax.php in Typesetter 5.1 has index.php/Admin/Menu/Ajax?cmd=AddHidden title XSS...
CVE-2018-20837
include/admin/Menu/Ajax.php in Typesetter 5.1 has index.php/Admin/Menu/Ajax?cmd=AddHidden title XSS...
CVE-2018-20837
Typesetter 5.1 contains a cross-site scripting (XSS) flaw in include/admin/Menu/Ajax.php. The description cites an input path: index.php/Admin/Menu/Ajax?cmd=AddHidden, with title XSS. Details on affected versions, impact, exploit method, and fixes are drawn from multiple sources; remediation spec...
CVE-2019-11807
The WooCommerce Checkout Manager plugin before 4.3 for WordPress allows media deletion via the wp-admin/admin-ajax.php?action=updateattachmentwccm wccmdefaultkeysload parameter because of a nopriv registration and a lack of capabilities checks...
WordPress Contact Form Builder Plugin < 1.0.69 CSRF Vulnerability
The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...
Code injection
In Webgalamb through 7.0, system/ajax.php functionality is supposed to be available only to the administrator. However, by using one of the bgsend, atmentsddd1xGz, or xlsbgimport query parameters, most of these methods become available to unauthenticated users...
Design/Logic Flaw
An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php...
Default credentials
The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the csresetpass function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account...
CVE-2018-19488
The CVE-2018-19488 entry concerns the WP-jobhunt WordPress plugin prior to version 2.4. An authentication- bypass flaw exists where AJAX requests to cs_reset_pass() via admin-ajax.php are not properly controlled, enabling remote unauthenticated attackers to reset a user’s password. This is suppor...
CVE-2018-19487
The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the csemployerajaxprofile function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users...
CVE-2018-19487
The CVE affects the WordPress WP-jobhunt plugin prior to version 2.4. The root cause is lack of access control for AJAX requests to cs_employer_ajax_profile() via admin-ajax.php, enabling remote unauthenticated attackers to enumerate user information. Practical impact is information disclosure ab...
CVE-2018-15818
An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php...
CVE-2018-15818
CMS/plugin: Repute ARForms 3.5.1 and earlier. A vulnerability allows an attacker to delete arbitrary files on the server by sending a malicious request to admin-ajax.php, abusing web server privileges. Affected component is the plugin’s admin AJAX endpoint; impact is file deletion with partial in...
CVE-2018-19515
CVE-2018-19515 affects Webgalamb up to version 7.0. The issue: system/ajax.php endpoints intended for admin use can be accessed by unauthenticated users via certain query parameters (e.g., bgsend, atment_sddd1xGz, xls_bgimport), enabling broad method exposure. This is described as an information-...
CVE-2019-9040
S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332...
Cross site request forgery (csrf)
MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery CSRF vulnerability in REST endpoint /wp-admin/admin-ajax.php?action=mapsvgsave that can result in an attacker can modify post data, including embedding javascript. This attack appears to be exploitable via the victim must be...
CVE-2019-1000003
MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery CSRF vulnerability in REST endpoint /wp-admin/admin-ajax.php?action=mapsvgsave that can result in an attacker can modify post data, including embedding javascript. This attack appears to be exploitable via the victim must be...
CVE-2019-1000003
MapSVG Lite 3.2.3 is affected by a CSRF in the mapsvg_save AJAX endpoint (/wp-admin/admin-ajax.php?action=mapsvg_save) that can allow an authenticated admin to modify post data (including embedded JavaScript). Exploitation requires the attacker to have an admin account and to entice the admin to ...
CVE-2018-19042
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dirfrom and dirto parameters of an mrelocatormove action to the wp-admin/admin-ajax.php URI...
CVE-2019-6703
CVE-2019-6703 affects the Total Donations WordPress plugin (up to 2.0.5/2.0.6) via an incorrect access control in migla_ajax_functions.php. This flaw allows unauthenticated attackers to call miglaA_update_me through wp-admin/admin-ajax.php and modify arbitrary WordPress option values, enabling ac...