wpexploit
added 2022/01/03 12:00 a.m. · 627 views

NextScripts: Social Networks Auto-Poster < 4.3.25 - Arbitrary Post Deletion via CSRF

The plugin does not have a CSRF check in place when deleting items, allowing an attacker to make a logged-in admin delete arbitrary posts via a CSRF attack: https://example.com/wp-admin/admin.php?page=nxssnap-reposter&item=1&action=delete...

CVSS 6.5 · AI score 3.3 · EPSS 0.00523
Exploits: 2
wpexploit
added 2021/12/23 12:00 a.m. · 65 views

WP125 < 1.5.5 - Arbitrary Ad Deletion via CSRF

The plugin does not have CSRF checks in various actions, for example when deleting an ad, allowing attackers to make a logged-in admin delete ads via a CSRF attack: https://example.com/wp-admin/admin.php?page=wp125addedit&deletead=1...

CVSS 8.8 · AI score 4.4 · EPSS 0.00683
Exploits: 2 · References: 1
wpexploit
added 2021/12/21 12:00 a.m. · 117 views

Simple Download Monitor < 3.9.9 - Multiple CSRF

The plugin does not enforce nonce checks, which could allow attackers to perform CSRF attacks to (1) make admins export logs, to exploit a separate log disclosure vulnerability (fixed in 3.9.6), (2) delete logs (fixed in 3.9.9), (3) remove the thumbnail image from downloads. To export logs, which could then be...

CVSS 8.8 · AI score 8.6 · EPSS 0.0063
Exploits: 2
Huntr
added 2021/11/09 12:53 p.m. · 11 views

Cross-Site Request Forgery (CSRF) in code16/sharp

Description: An attacker is able to log out a user if the logged-in user visits the attacker's website. Impact: This vulnerability is capable of forcing a user into an unintentional logout. Test: Tested on Edge, Firefox, Chrome and Safari. Fix: You should use POST instead of GET. To expand: One way GET could be abused...

AI score 6.7
Exploits: 0
wpexploit
added 2021/10/28 12:00 a.m. · 126 views

URL Shortify < 1.5.1 - Arbitrary Link/Group Deletion via CSRF

The plugin does not have a CSRF check in place when bulk-deleting links or groups, which could allow attackers to make a logged-in admin delete arbitrary links and groups via a CSRF attack: https://example.com/wp-admin/admin.php?page=uslinks&action=bulkdelete&linkids=1...

CVSS 4.3 · AI score 5.2 · EPSS 0.00435
Exploits: 2
wpexploit
added 2021/10/05 12:00 a.m. · 579 views

Simple Download Monitor < 3.9.6 - Unauthenticated Log Access

The plugin saves logs in a predictable location and does not have any authentication or authorisation in place to prevent unauthenticated users from downloading and reading the logs, which contain sensitive information such as IP addresses and usernames...

CVSS 7.5 · AI score 0.1 · EPSS 0.01625
Exploits: 2
wpexploit
added 2021/09/20 12:00 a.m. · 499 views

One User Avatar < 2.3.7 - Avatar Update via CSRF

The plugin does not check for CSRF when updating the avatar on a page where the avatarupload shortcode is embedded. As a result, attackers could make a logged-in user change their avatar via a CSRF attack. Click...

CVSS 6.5 · AI score 0.5 · EPSS 0.00553
Exploits: 2
Positive Technologies
added 2021/09/20 12:00 a.m. · 5 views

PT-2021-16099 · WordPress · Timetable/Event Schedule

Name of the Vulnerable Software and Affected Versions: Timetable and Event Schedule WordPress plugin versions prior to 2.4.2. Description: The issue concerns a lack of proper access control and the absence of a CSRF check, allowing any user with the edit posts capability to delete arbitrary...

CVSS 4.3 · AI score 4.6 · EPSS 0.01568
Exploits: 2 · References: 3
wpexploit
added 2021/09/20 12:00 a.m. · 729 views

Wechat Reward <= 1.7 - CSRF to Stored Cross-Site Scripting

The plugin does not sanitise or escape its QR settings, nor does it have any CSRF check in place, allowing attackers to make a logged-in admin change the settings and perform Cross-Site Scripting attacks. Put the following payload in the QR setting: "alert/XSS/ The XSS will be triggered in the plugin's...

CVSS 5.4 · AI score 5.4 · EPSS 0.00382
Exploits: 1
wpexploit
added 2021/08/23 12:00 a.m. · 692 views

Timetable and Event Schedule by MotoPress < 2.4.2 - Unauthorised Event TimeSlot Deletion

The plugin does not have proper access control when deleting a timeslot, allowing any user with the edit_posts capability (contributor+) to delete arbitrary timeslots from any event. Furthermore, no CSRF check is in place either, allowing such an attack to be performed via CSRF against a logged-in wit...

CVSS 4.3 · AI score 0.2 · EPSS 0.01568
Exploits: 2
CNVD
added 2021/07/09 12:00 a.m. · 7 views

WordPress Hotjar Connecticator Stored Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress plugin that stems from a request that includes a CS...

CVSS 5.4 · AI score 6.7 · EPSS 0.00624
Exploits: 2 · References: 1
wpexploit
added 2021/06/30 12:00 a.m. · 126 views

Adapta RGPD < 1.3.3 - Unauthorised Consent via CSRF

The acceptcookieconsent AJAX action did not properly check for CSRF, allowing attackers to make users consent via a CSRF attack: https://example.com/wp-admin/admin-ajax.php?action=acceptcookieconsent...

AI score 4.5
Exploits: 0
Exploit DB
added 2021/06/11 12:00 a.m. · 405 views

WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF

Exploit Title: WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF. Date: 2/10/2021. Author: 0xB9. Software Link: https://wordpress.org/plugins/database-backups/ Version: 1.2.2.6. Tested on: Windows 10. CVE: CVE-2021-24174. 1. Description: This plugin allows admins to create and...

CVSS 8.1 · AI score 8.2 · EPSS 0.03218
Exploits: 5
GithubExploit
added 2021/02/15 2:41 p.m. · 140 views

Exploit for CVE-2021-24085

Microsoft Exchange Server msExchEcpCanary Cross Site Request F...

CVSS 6.5 · AI score 7.8 · EPSS 0.04627
Exploits: 7
OSV
added 2021/02/08 5:58 p.m. · 3 views

MGASA-2021-0074 Updated phppgadmin package fixes a security vulnerability

phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, database.php, does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator into visiting...

CVSS 9.6 · AI score 9.5 · EPSS 0.0364
Exploits: 1 · References: 2
Mageia
added 2021/02/08 5:58 p.m. · 29 views

Updated phppgadmin package fixes a security vulnerability

phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, database.php, does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator into visiting...

CVSS 9.6 · AI score 2.2 · EPSS 0.0364
Exploits: 1 · References: 1
Exploit DB
added 2021/01/06 12:00 a.m. · 218 views

Advanced Webhost Billing System 3.7.0 - Cross-Site Request Forgery (CSRF)

Exploit Title: Advanced Webhost Billing System 3.7.0 - Cross-Site Request Forgery (CSRF). Date: 06/01/2021. Exploit Author: Rahul Ramakant Singh. Vendor Homepage: https://www.awbs.com/ Version: 3.7.0. Tested on: Windows. Steps: 1. Log into the application with an email address and password. 2. Navigat...

AI score 7.4
Exploits: 0
wpexploit
added 2020/07/27 12:00 a.m. · 25 views

CarePlus <= 1.2 - Unauthenticated Reflected Cross-Site Scripting (XSS)

An unauthenticated reflected XSS vulnerability was discovered in the CarePlus theme through 1.2 for WordPress: https://example.com/?s=%22%20autofocus%20onfocus=alertXSS;%20%22%3E...

AI score 1.3
Exploits: 0 · References: 2
CVE
added 2020/02/04 6:58 p.m. · 94 views

CVE-2019-10784

CVE-2019-10784 affects phpPgAdmin up to version 7.12.1. The issue is improper source validation in the application, notably in database.php, enabling CSRF abuse that could let a remote attacker trick an authenticated administrator into visiting a malicious page and executing arbitrary system com...

CVSS 9.6 · AI score 9.4 · EPSS 0.0364
Exploits: 1 · References: 1 · Affected Software: 1
0day.today
added 2019/10/10 12:00 a.m. · 95 views

SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications. Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery. Exploit Author: Borja Merino and Eduardo Villaverde. Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior. Tested on: Sunny...

CVSS 6.8 · AI score 8.6 · EPSS 0.0223
Exploits: 4