11 matches found

RedhatCVE | added 2025/05/23

CVE-2023-0285

The Real Media Library WordPress plugin before 4.18.29 does not sanitise and escape the created folder names, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks...

CVSS 5.4 | AI score 5.5 | EPSS 0.00285 | Exploits: 2 | References: 1
OSV | added 2024/06/14

CVE-2024-4271

The SVGator WordPress plugin through 1.2.6 does not sanitize SVG file contents, which enables users with at least the author role to upload SVG files with malicious JavaScript to conduct Stored XSS attacks...

CVSS 4.6 | AI score 5.8 | EPSS 0.00219 | Exploits: 2 | References: 1
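Both entries above describe the same class of bug: user-controlled content (a folder name, an SVG file) is stored by an Author-level account and later rendered without being filtered, so it executes in the browser of whoever views it. The block below is an added example, not code from SVGator, Real Media Library or WordPress core: a PHP check that rejects an SVG carrying active content, wired into WordPress's `wp_handle_upload_prefilter` hook and exempting only users who hold `unfiltered_html`, the same capability WordPress's own KSES filtering keys on. It requires PHP 8 with ext-dom; the sample SVGs are constructed for the example and the WordPress wiring is hypothetical.

```php
<?php
// Added example, not code from SVGator or Real Media Library: detect
// script-bearing constructs in an SVG before it is stored, so an Author
// (no unfiltered_html) cannot upload a file that executes when served inline.
// Requires PHP 8 and ext-dom; the WordPress wiring at the bottom is hypothetical.

declare(strict_types=1);

/**
 * Return why the SVG should be rejected, or null if nothing active was found.
 * Deny-list detector, not a full sanitiser: it flags <script>, <foreignObject>,
 * on* event attributes, javascript:/vbscript: hrefs and any DOCTYPE (entities).
 */
function svg_reject_reason(string $svg): ?string
{
    $prev = libxml_use_internal_errors(true);
    $doc  = new DOMDocument();
    $ok   = $doc->loadXML($svg, LIBXML_NONET);   // never fetch external resources
    libxml_clear_errors();
    libxml_use_internal_errors($prev);

    if (!$ok) {
        return 'not well-formed XML';
    }
    if ($doc->doctype !== null) {
        return 'DOCTYPE present';
    }
    $root = $doc->documentElement;
    if ($root === null || strtolower($root->localName) !== 'svg') {
        return 'root element is not <svg>';
    }

    foreach ($doc->getElementsByTagName('*') as $el) {
        $tag = strtolower($el->localName);
        if ($tag === 'script' || $tag === 'foreignobject') {
            return "<{$tag}> element";
        }
        foreach ($el->attributes as $attr) {
            $name = strtolower($attr->localName);      // xlink:href -> href
            if (str_starts_with($name, 'on')) {
                return "event handler attribute {$name}";
            }
            // Browsers ignore control characters and whitespace inside the
            // scheme, so strip them before comparing (defeats "java&#10;script:").
            $value = strtolower((string) preg_replace('/[\x00-\x20]+/', '', $attr->value));
            if (preg_match('/^(javascript|vbscript):/', $value)) {
                return "{$name} with script URI";
            }
        }
    }
    return null;
}

// Constructed samples for this example (not files from the advisories above).
const SVG_CLEAN  = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10"><circle cx="5" cy="5" r="4"/></svg>';
const SVG_ONLOAD = '<svg xmlns="http://www.w3.org/2000/svg" onload="alert(document.domain)"/>';
const SVG_SCRIPT = '<svg xmlns="http://www.w3.org/2000/svg"><script>alert(1)</script></svg>';
const SVG_HREF   = '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">'
                 . '<a xlink:href="java&#10;script:alert(1)"><text y="8">x</text></a></svg>';

if (function_exists('add_filter')) {
    // WordPress wiring (hypothetical). Returning $file with a non-empty 'error'
    // makes wp_handle_upload() abort. Users with unfiltered_html are exempt,
    // mirroring the capability WordPress's own KSES filtering keys on.
    add_filter('wp_handle_upload_prefilter', function (array $file): array {
        if (strtolower(pathinfo($file['name'], PATHINFO_EXTENSION)) !== 'svg') {
            return $file;
        }
        if (current_user_can('unfiltered_html')) {
            return $file;
        }
        $why = svg_reject_reason((string) file_get_contents($file['tmp_name']));
        if ($why !== null) {
            $file['error'] = 'SVG rejected: ' . $why;
        }
        return $file;
    });
} elseif (PHP_SAPI === 'cli') {
    // Stand-alone run outside WordPress: report the verdict for each sample.
    $samples = ['clean' => SVG_CLEAN, 'onload' => SVG_ONLOAD, 'script' => SVG_SCRIPT, 'href' => SVG_HREF];
    foreach ($samples as $label => $svg) {
        printf("%-6s -> %s\n", $label, svg_reject_reason($svg) ?? 'accepted');
    }
}
```

The check is a deny-list, which is the right shape for a rejection gate but not for a sanitiser: if the site must accept arbitrary SVGs from Authors, run them through an allow-list sanitiser (or serve them as downloads with `Content-Disposition: attachment`) rather than extending this list. The folder-name case from CVE-2023-0285 needs the complementary half of the same policy: `sanitize_text_field()` on the way in and `esc_html()` / `esc_attr()` at every point the name is printed.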
WPVulnDB | added 2023/05/30

Jetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API

The plugin does not validate uploaded files, allowing users with the author role or above to manipulate existing files on the site, delete arbitrary files and, in rare cases, achieve Remote Code Execution via phar deserialization.
PoC: curl --json ' "media": "tmpname": "/WPCONTENTPATH/wp-config.php"...

CVSS 8.8 | AI score 9.3 | EPSS 0.03349 | Exploits: 2 | References: 1 | Affected Software: 1
wpexploit | added 2022/07/04

Shareaholic < 9.7.6 - Information Disclosure

The plugin does not have a proper authorisation check in one of its AJAX actions, available to unauthenticated users in v 9.7.5 and author+ users in v9.7.5, allowing them to call it and retrieve various information such as the list of active plugins and the versions of PHP, cURL, WP etc...

CVSS 5.3 | AI score 0.7 | EPSS 0.49827 | Exploits: 2
Prion | added 2021/11/08

Buffer overflow

The Phoenix Media Rename WordPress plugin before 3.4.4 does not have capability checks in its phoenix_media_rename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own...

CVSS 4.0 | AI score 4.6 | EPSS 0.0014 | Exploits: 2 | References: 1 | Affected Software: 1
Cvelist | added 2021/11/08

CVE-2021-24816 Phoenix Media Rename < 3.4.4 - Author Arbitrary Media File Renaming

The Phoenix Media Rename WordPress plugin before 3.4.4 does not have capability checks in its phoenix_media_rename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own...

AI score 4.9 | EPSS 0.0014 | Exploits: 2 | References: 1
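The Phoenix Media Rename entries and the Shareaholic entry above share one root cause: an admin-ajax action whose only "check" is that it was registered. Registering on `wp_ajax_*` proves the caller has a session and nothing about their role or their relationship to the object they name; registering on `wp_ajax_nopriv_*` does not even prove that. The block below is an added example of hypothetical plugin code, not code from either plugin, showing a media-rename handler without and with the checks a reviewer would look for: a nonce, an object-level capability check via `current_user_can('edit_post', $id)`, filename sanitisation, and a preserved extension. It assumes WordPress is loaded; the action names, POST field names and the `example_` prefix are invented.

```php
<?php
// Added example, hypothetical plugin code (not Phoenix Media Rename or
// Shareaholic): the same admin-ajax action written without and with
// authorisation. Assumes WordPress is loaded; action and field names are invented.

declare(strict_types=1);

// VULNERABLE: registering wp_ajax_* only proves the caller has a session, and
// wp_ajax_nopriv_* not even that. Nothing here checks role, ownership, a nonce,
// or the new name, so an Author can rename (or clobber) anyone's upload and
// pick the destination path and extension.
function example_rename_media_vulnerable(): void
{
    $attachment_id = (int) ($_POST['attachment_id'] ?? 0);
    $new_base      = (string) ($_POST['new_name'] ?? '');
    $current       = (string) get_attached_file($attachment_id);
    $target        = dirname($current) . '/' . $new_base;   // traversal and extension change possible
    if ($current !== '' && rename($current, $target)) {
        update_attached_file($attachment_id, $target);
    }
    wp_send_json_success();
}
add_action('wp_ajax_example_rename_media_vulnerable', 'example_rename_media_vulnerable');
add_action('wp_ajax_nopriv_example_rename_media_vulnerable', 'example_rename_media_vulnerable');

// HARDENED: nonce, capability bound to the target object, and a name the
// caller cannot use to escape the directory or change the file type.
function example_rename_media_hardened(): void
{
    // 1. CSRF: a nonce issued for this action (check_ajax_referer dies on mismatch).
    check_ajax_referer('example_rename_media', 'nonce');

    // 2. The target must exist and be an attachment.
    $attachment_id = absint($_POST['attachment_id'] ?? 0);
    $attachment    = get_post($attachment_id);
    if (!$attachment || $attachment->post_type !== 'attachment') {
        wp_send_json_error(['message' => 'no such attachment'], 404);
    }

    // 3. Authorisation on the object, not just the role: edit_post maps to
    //    edit_others_posts when the caller does not own the attachment, so an
    //    Author is confined to their own media.
    if (!current_user_can('edit_post', $attachment_id)) {
        wp_send_json_error(['message' => 'forbidden'], 403);
    }

    // 4. Input: sanitize_file_name() strips path separators and other special
    //    characters and trims leading dots, so ".." and "../x" cannot survive.
    $new_base = sanitize_file_name(wp_unslash((string) ($_POST['new_name'] ?? '')));
    if ($new_base === '' || strlen($new_base) > 200) {
        wp_send_json_error(['message' => 'invalid name'], 400);
    }

    // 5. Keep the original extension: the caller must not be able to turn
    //    image.png into shell.php by choosing the new name.
    $current = (string) get_attached_file($attachment_id);
    $ext     = pathinfo($current, PATHINFO_EXTENSION);
    $target  = dirname($current) . '/' . $new_base . ($ext !== '' ? '.' . $ext : '');
    if ($current === '' || $target === $current || file_exists($target) || !rename($current, $target)) {
        wp_send_json_error(['message' => 'rename failed'], 409);
    }
    update_attached_file($attachment_id, $target);

    // 6. Escape what is echoed back even though it was sanitised on the way in.
    wp_send_json_success(['file' => esc_html(wp_basename($target))]);
}
add_action('wp_ajax_example_rename_media', 'example_rename_media_hardened');
```

The nonce and the capability check answer different questions and neither substitutes for the other: `check_ajax_referer()` only shows the request originated from a page WordPress issued to this user, while `current_user_can('edit_post', $id)` decides whether this user may touch this object. A handler with only the nonce is still the Phoenix bug; a handler with only a role check (`current_user_can('edit_posts')`) still lets one Author rename another Author's files.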
CNVD | added 2020/11/23

WordPress WPBakery plugin cross-site scripting vulnerability

WordPress is a blogging platform from the WordPress Foundation, written in PHP; it lets users set up personal blog sites on servers running PHP and MySQL. WPBakery Page Builder is a plugin that provides a page editor inside WordPress. A cross-site scripting...

CVSS 6.4 | AI score 5.6 | EPSS 0.00154 | Exploits: 2 | References: 1
OSV | added 2020/11/16

CVE-2020-28650

The WPBakery plugin before 6.4.1 for WordPress allows XSS because it calls kses_remove_filters() to disable the standard WordPress XSS protection mechanism for the Author and Contributor roles...

CVSS 5.4 | AI score 6.1 | EPSS 0.00154 | Exploits: 2 | References: 1
NVD | added 2020/02/07

CVE-2020-8812

Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the vendor's perspective is that this is "not a bug...

CVSS 5.4 | AI score 5.5 | EPSS 0.0027 | Exploits: 1 | References: 1
Prion | added 2020/02/07

Code injection

Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the vendor's perspective is that this is "not a bug...

CVSS 3.5 | AI score 5.5 | EPSS 0.0027 | Exploits: 1 | References: 1 | Affected Software: 1
CNVD | added 2015/08/04

WordPress Cross-Site Scripting Vulnerability (CNVD-2015-05124)

WordPress is a blogging platform from the WordPress Software Foundation, written in PHP; it lets users set up personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists in the wp-includes/kses.php and wp-includes/shortcodes.php scripts...

CVSS 3.5 | AI score 5.8 | EPSS 0.00968 | Exploits: 1 | References: 1