38 matches found

Source: RedhatCVE, added 2026/01/09 8:36 a.m., 8 views

CVE-2020-12076

The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions. One consequence of this is stored XSS...

CVSS 9.6, AI score 6.7, EPSS 0.00109
Exploits: 0, References: 1
Source: EUVD, added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-11215

Malware in sbrugna...

CVSS 5.4, AI score 5.5, EPSS 0.00162
Exploits: 2, References: 2
Source: EUVD, added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-11547

Malware in sbrugna...

CVSS 5.5, AI score 5.6, EPSS 0.00218
Exploits: 2, References: 2
Source: EUVD, added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-11379

Malware in sbrugna...

CVSS 6.5, AI score 6.5, EPSS 0.00103
Exploits: 2, References: 2
Source: Vulnrichment, added 2025/09/06 3:22 a.m., 2 views

CVE-2025-7040 Cloud SAML SSO <= 1.0.19 - Missing Authorization to Unauthenticated Settings Modification via set_organization_settings Action

The Cloud SAML SSO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'set_organization_settings' action of the cssohandleactions function in all versions up to, and including, 1.0.19. The handler reads client-supplied POST parameters fo...

CVSS 8.2, AI score 4.9, EPSS 0.00192
Exploits: 0, References: 7
Source: RedhatCVE, added 2025/05/22 9:04 p.m., 6 views

CVE-2021-24635

The Visual Link Preview WordPress plugin before 2.2.3 does not enforce authorisation on several AJAX actions and has the CSRF nonce displayed for all authenticated users, allowing any authenticated user, such as a subscriber, to call them and (1) get and search through the title and content of draft posts, ...

CVSS 5.5, AI score 6.7, EPSS 0.00218
Exploits: 2, References: 1
Source: Cvelist, added 2023/10/16 8:32 a.m., 21 views

CVE-2023-4827 File Manager Pro < 1.8 - Remote Code Execution via CSRF

The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the fsconnector AJAX action. This allows attackers to make highly privileged users perform unwanted file system actions via CSRF attacks by using GET requests, such as uploading a web shell...

AI score 8.7, EPSS 0.06277
Exploits: 2, References: 1
Source: Openbugbounty, added 2023/01/15 5:10 a.m., 11 views

sec.custhelp.com Open Redirect vulnerability OBB-3151771

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 0.1
Exploits: 0
Source: 0day.today, added 2021/10/31 12:00 a.m., 466 views

Microsoft OMI Management Interface Authentication Bypass Exploit

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September 8th 2021. This module requires Metasploi...

CVSS 9.8, AI score 1.1, EPSS 0.94392
Exploits: 19
Source: CVE, added 2021/09/20 10:06 a.m., 37 views

CVE-2021-24635

The CVE-2021-24635 entry refers to the Visual Link Preview WordPress plugin prior to version 2.2.3. The issue is an access-control flaw where the plugin does not enforce authorization for multiple AJAX actions and exposes a CSRF nonce to any authenticated user. As a result, an authenticated user ...

CVSS 5.5, AI score 5.4, EPSS 0.00218
Exploits: 2, References: 1, Affected Software: 1
Source: Cvelist, added 2021/09/20 10:06 a.m., 14 views

CVE-2021-24635 Visual Link Preview < 2.2.3 - Unauthorised AJAX Calls

The Visual Link Preview WordPress plugin before 2.2.3 does not enforce authorisation on several AJAX actions and has the CSRF nonce displayed for all authenticated users, allowing any authenticated user, such as a subscriber, to call them and (1) get and search through the title and content of draft posts, ...

AI score 5.7, EPSS 0.00218
Exploits: 2, References: 1
Source: WPVulnDB, added 2021/08/18 12:00 a.m., 16 views

Visual Link Preview < 2.2.3 - Unauthorised AJAX Calls

The plugin does not enforce authorisation on several AJAX actions and has the CSRF nonce displayed for all authenticated users, allowing any authenticated user, such as a subscriber, to call them and (1) get and search through the title and content of draft posts, (2) get the title of a password-protected post as...

CVSS 5.5, AI score 1.2, EPSS 0.00218
Exploits: 2, Affected Software: 1
Source: Prion, added 2021/08/09 10:15 a.m., 9 views

Cross-site request forgery (CSRF)

The Leaflet Map WordPress plugin before 3.0.0 does not verify the CSRF nonce when saving its settings, which allows attackers to make a logged-in admin update the settings via a Cross-Site Request Forgery attack. This could lead to Cross-Site Scripting issues by either changing the URL of the...

CVSS 4.3, AI score 6.2, EPSS 0.00103
Exploits: 2, References: 1, Affected Software: 1
Source: WPVulnDB, added 2021/07/12 12:00 a.m., 5 views

Frontend File Manager < 18.3 - Unauthenticated Content Injection and Stored XSS

The wpfmeditfiletitledesc AJAX action of the plugin, available to unauthenticated users, did not check if users were editing their own post and was lacking a CSRF nonce as well. This could allow an unauthenticated user to update any post/page. Furthermore, by editing a post with the 'wpfm-files'...

AI score 2.7
Exploits: 0, References: 1, Affected Software: 1
Source: NVD, added 2021/05/24 11:15 a.m., 7 views

CVE-2021-24301

The Hotjar Connecticator WordPress plugin through 1.1.1 is vulnerable to Stored Cross-Site Scripting (XSS) in the 'hotjar script' textarea. The request did include a CSRF nonce that was properly verified by the server, and this vulnerability could only be exploited by administrator users...

CVSS 5.4, EPSS 0.00162
Exploits: 2, References: 1
Source: Prion, added 2021/05/24 11:15 a.m., 11 views

Cross-site scripting (XSS)

The Hotjar Connecticator WordPress plugin through 1.1.1 is vulnerable to Stored Cross-Site Scripting (XSS) in the 'hotjar script' textarea. The request did include a CSRF nonce that was properly verified by the server, and this vulnerability could only be exploited by administrator users...

CVSS 3.5, AI score 5.2, EPSS 0.00162
Exploits: 2, References: 1, Affected Software: 1
Source: WPVulnDB, added 2021/05/04 12:00 a.m., 16 views

Hotjar Connecticator <= 1.1.1 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin was vulnerable to Stored Cross-Site Scripting (XSS) in the "hotjar script" textarea. The request did include a CSRF nonce that was properly verified by the server, and this vulnerability could only be exploited by administrator users. PoC Step 1: Install and activate the plugin "Hotjar...

CVSS 5.4, AI score 0.9, EPSS 0.00162
Exploits: 2, Affected Software: 1
Source: WPVulnDB, added 2021/04/16 12:00 a.m., 15 views

Edwiser Bridge < 2.0.7 - CSRF Nonce Bypass

The plugin did not properly verify CSRF nonces, allowing requests without them to bypass the checks in place. This could allow attackers to make logged-in users perform unwanted actions...

AI score 4.9
Exploits: 0, References: 1, Affected Software: 1
Source: WPVulnDB, added 2021/02/17 12:00 a.m., 18 views

Better Search < 2.5.3 - CSRF Nonce Bypass in Import/Export

The plugin did not properly check the CSRF nonces when exporting and importing settings, allowing attackers to make a logged-in user with the manage_options capability export and import arbitrary settings by not providing the nonce parameter in the request. PoC POST...

AI score 0.1
Exploits: 0, References: 2, Affected Software: 1
Source: WPVulnDB, added 2021/02/17 12:00 a.m., 32 views

Process Steps Template Designer < 1.3 - CSRF to Stored Cross-Site Scripting (XSS)

The plugin did not properly check its CSRF nonce in the FontAwesomeField.save method, which could allow attackers to make logged-in users capable of editing posts change the Step Icon of arbitrary Process Steps. Due to the lack of sanitisation of the submitted Step Icon value, it could also lead ...

AI score 1.5
Exploits: 0, References: 2, Affected Software: 1