CVE-2024-13566
WP DataTable for WordPress is affected by a Stored Cross-Site Scripting (stored XSS) via the id parameter in all versions up to and including 0.2.6. Exploitation requires authenticated access at Contributor level or higher, enabling injection of scripts that execute when users load injected pages...
CVE-2024-13397 WPRadio – WordPress Radio Streaming Plugin <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WPRadio – WordPress Radio Streaming Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpradioplayer' shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This make...
CVE-2024-10705
CVE-2024-10705 affects the WordPress plugin “Multiple Page Generator Plugin – MPG” with vulnerability in all versions up to 4.0.5. The flaw is Server-Side Request Forgery (SSRF) via the mpg_download_file_by_link function, allowing authenticated attackers with editor-level access or higher to trig...
CVE-2024-12816
CVE-2024-12816 is a Stored Cross-Site Scripting vulnerability in the WordPress plugin “NOTICE BOARD BY TOWKIR” (versions ≤ 3.1). The flaw arises from insufficient input sanitization and output escaping on attributes used by the plugin’s notice-board shortcode. This allows authenticated attackers ...
CVE-2024-13583 Simple Gallery with Filter <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Simple Gallery with Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'c2twsgwf' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12527 Perfect Portal Widgets <= 3.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Perfect Portal Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'perfectportalintakeform' shortcode in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-12204 Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups <= 1.3.5 - Missing Authorization
The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in the class-cx-rest.php file in all versions up to, and including, 1.3.5. This makes it...
CVE-2024-12495 Bootstrap Blocks for WP Editor v2 <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Bootstrap Blocks for WP Editor v2 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gtb-bootstrap/column' block in all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2024-12592 Sellsy <= 2.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Sellsy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'testSellsy' shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-8721 Tracking Code Manager <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Tracking Code Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the tracking code field in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...
CVE-2024-12591
CVE-2024-12591 concerns the WordPress plugin MagicPost. A stored XSS vulnerability exists in the wb_share_social shortcode across versions up to 1.2.1, enabling authenticated attackers with contributor-level access or higher to inject scripts that execute in visitors’ browsers. The issue is caus...
CVE-2024-11775 Particle Background <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Particle Background plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'particleground' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12061
CVE-2024-12061 affects the Events Addon for Elementor (WordPress) with Information Exposure in versions up to 2.2.3 via the naevents_elementor_template shortcode. The issue stems from insufficient restrictions on which posts can be included, enabling authenticated attackers with Contribut...
CVE-2024-11755 IMS Countdown <= 1.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The IMS Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown post settings in all versions up to, and including, 1.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-12461 WP-Revive Adserver <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WP-Revive Adserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpreviveasync' shortcode in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-9967
The WP show more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's showmore shortcode in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
Security Bulletin: Vulnerabilities in Elasticsearch affect watsonx.data
Summary Elasticsearch is vulnerable to local authenticated attacks to obtain sensitive information and denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-31417 DESCRIPTION: Elasticsearch could allow a local authenticated attacker to obtain sensitive...
CVE-2024-8106
CVE-2024-8106: The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to a Sensitive Information Exposure flaw via the download_user_ajax function in all versions up to and including 3.0.8. Authenticated attackers with Subscriber+ access can exfiltrate sensitive data suc...
CVE-2024-7054
The Popup Maker – Boost Sales, Conversions, Optins, Subscribers with the Ultimate WP Popups Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘closetext’ parameter in all versions up to, and including, 1.19.0 due to insufficient input sanitization and output...
All-in-One Video Gallery < 3.7.0 - Authenticated (Contributor+) Local File Inclusion via aiovg_search_form Shortcode
Description The All-in-One Video Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.5 via the aiovgsearchform shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...