
19 matches found

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2019-3894

Malware in sbrugna...

CVSS 6.5 | AI score 6.4 | EPSS 0.062
Exploits: 4 | References: 6

Cvelist
added 2023/12/18 8:8 p.m. | 17 views

CVE-2023-6077 Slider - Ultimate Responsive Image Slider < 3.5.12 - Subscriber+ Arbitrary Post Access

The Slider WordPress plugin before 3.5.12 does not ensure that posts to be accessed via an AJAX action are slides and can be viewed by the user making the request, allowing any authenticated user, such as a subscriber, to access the content of arbitrary posts, such as private, draft and password protect...

AI score 6.7 | EPSS 0.00261
Exploits: 2 | References: 1

wpexploit
added 2023/11/23 12:0 a.m. | 176 views

Slider - Ultimate Responsive Image Slider < 3.5.12 - Subscriber+ Arbitrary Post Access

Description: The plugin does not ensure that posts to be accessed via an AJAX action are slides and can be viewed by the user making the request, allowing any authenticated user, such as a subscriber, to access the content of arbitrary posts, such as private, draft and password protected. Run the below...

CVSS 6.5 | AI score 6.9 | EPSS 0.00261
Exploits: 2

Vulnrichment
added 2023/08/30 2:22 p.m. | 7 views

CVE-2023-4036 Simple Blog Card < 1.32 - Subscriber+ Arbitrary Post Access

The Simple Blog Card WordPress plugin before 1.32 does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated user, such as a subscriber, to retrieve the titles and content of arbitrary posts, such as draft, private and password protected ones...

AI score 4.7 | EPSS 0.00182
Exploits: 2 | References: 1

Vulnrichment
added 2023/03/20 3:52 p.m. | 6 views

CVE-2023-0890 Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access

The WordPress Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 5.12.8 does not ensure that posts to be displayed via some shortcodes are already public and can be accessed by the user making the request, allowing any authenticated user, such as a subscriber, to view draft, private or...

AI score 6.3 | EPSS 0.00426
Exploits: 2 | References: 1

Cvelist
added 2023/03/20 3:52 p.m. | 15 views

CVE-2023-0890 Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access

The WordPress Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 5.12.8 does not ensure that posts to be displayed via some shortcodes are already public and can be accessed by the user making the request, allowing any authenticated user, such as a subscriber, to view draft, private or...

AI score 6.4 | EPSS 0.00426
Exploits: 2 | References: 1

wpexploit
added 2023/02/27 12:0 a.m. | 146 views

Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access

The plugin does not ensure that posts to be displayed via some shortcodes are already public and can be accessed by the user making the request, allowing any authenticated user, such as a subscriber, to view draft, private or even password protected posts. It is also possible to leak the password of...

CVSS 6.5 | AI score 6.9 | EPSS 0.00426
Exploits: 2

WPVulnDB
added 2023/02/27 12:0 a.m. | 23 views

Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access

The plugin does not ensure that posts to be displayed via some shortcodes are already public and can be accessed by the user making the request, allowing any authenticated user, such as a subscriber, to view draft, private or even password protected posts. It is also possible to leak the password of...

CVSS 6.5 | AI score 6.7 | EPSS 0.00426
Exploits: 2 | Affected Software: 1

Vulnrichment
added 2023/02/13 2:32 p.m. | 7 views

CVE-2022-3891 WP FullCalendar < 1.5 - Unauthenticated Arbitrary Post Access

The WP FullCalendar WordPress plugin before 1.5 does not ensure that the post retrieved via an AJAX action is public and can be accessed by the user making the request, allowing unauthenticated attackers to get the content of arbitrary posts, including draft/private as well as password-protected...

AI score 6.8 | EPSS 0.00659
Exploits: 2 | References: 1

Vulnrichment
added 2023/01/23 2:31 p.m. | 3 views

CVE-2021-24881 Passster < 3.5.5.9 - Protection Bypass & Arbitrary Post Access

The Passster WordPress plugin before 3.5.5.9 does not properly check the password, or that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by the plugin, and access arbitrary posts such as private content, by sending a specifically crafted...

AI score 7.3 | EPSS 0.01101
Exploits: 2 | References: 1

Cvelist
added 2023/01/23 2:31 p.m. | 10 views

CVE-2021-24881 Passster < 3.5.5.9 - Protection Bypass & Arbitrary Post Access

The Passster WordPress plugin before 3.5.5.9 does not properly check the password, or that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by the plugin, and access arbitrary posts such as private content, by sending a specifically crafted...

AI score 7.8 | EPSS 0.01101
Exploits: 2 | References: 1

wpexploit
added 2023/01/17 12:0 a.m. | 609 views

WP FullCalendar < 1.5 - Unauthenticated Arbitrary Post Access

The plugin does not ensure that the post retrieved via an AJAX action is public and can be accessed by the user making the request, allowing unauthenticated attackers to get the content of arbitrary posts, including draft/private as well as password-protected ones. Open the below URL as an...

CVSS 5.3 | AI score 1.7 | EPSS 0.00659
Exploits: 2

WPVulnDB
added 2022/12/29 12:0 a.m. | 17 views

Passster < 3.5.5.9 - Protection Bypass & Arbitrary Post Access

The plugin does not properly check the password, or that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by the plugin, and access arbitrary posts such as private content, by sending a specifically crafted request. PoC: The nonce can be...

CVSS 7.5 | AI score 1.9 | EPSS 0.01101
Exploits: 2 | Affected Software: 1

WPVulnDB
added 2021/10/20 12:0 a.m. | 13 views

Responsive Image Slider, Photo Gallery And Carousel < 1.3.6 - Subscriber+ Arbitrary Post Access

The plugin does not have a proper authorisation check in the sfimageid AJAX action, which could allow any authenticated user, such as a subscriber, to view the content and title of arbitrary posts, for example private, draft and password protected ones. PoC: POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: /...

AI score 1.1
Exploits: 0 | Affected Software: 1

Patchstack
added 2021/09/21 12:0 a.m. | 6 views

WordPress WP Mega Menu plugin <= 1.4.0 - Arbitrary Post Access vulnerability

Arbitrary Post Access vulnerability discovered by WPScanTeam in WordPress WP Mega Menu plugin versions <= 1.4.0. Solution: Update the WordPress WP Mega Menu plugin to the latest available version (at least 1.4.1)...

AI score 3.3
Exploits: 0 | References: 2 | Affected Software: 1

WPVulnDB
added 2021/09/21 12:0 a.m. | 12 views

WP Mega Menu < 1.4.1 - Subscriber+ Arbitrary Post Access

The plugin does not properly check for capability and CSRF due to a logic flaw, in its exporttheme and exportwpmegamenunavmenu methods, hooked as AJAX actions and available to any authenticated user. As a result, low privilege authenticated users such as subscribers can call them and access...

AI score 1.3
Exploits: 0 | Affected Software: 1

wpexploit
added 2021/09/21 12:0 a.m. | 713 views

WP Mega Menu < 1.4.0 - Unauthenticated Arbitrary Post Access

The plugin does not properly check for capability and CSRF due to a logic flaw, in its exporttheme and exportwpmegamenunavmenu methods, hooked to admin_init. As a result, unauthenticated users can call them and access arbitrary post data, including password protected or private ones. Access an...

AI score 0.5
Exploits: 0

wpexploit
added 2021/09/21 12:0 a.m. | 750 views

WP Mega Menu < 1.4.1 - Subscriber+ Arbitrary Post Access

The plugin does not properly check for capability and CSRF due to a logic flaw, in its exporttheme and exportwpmegamenunavmenu methods, hooked as AJAX actions and available to any authenticated user. As a result, low privilege authenticated users such as subscribers can call them and access...

AI score 0.8
Exploits: 0

NVD
added 2019/05/21 6:29 p.m. | 9 views

CVE-2019-12252

In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail&notifyTo=SOLFORWARD&id= substring...

CVSS 6.5 | AI score 6.5 | EPSS 0.062
Exploits: 4 | References: 4