CVE-2022-0164
The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its comingsoonsendmail AJAX action, allowing any authenticated user with a role as low as Subscriber to send arbitrary emails to all subscribed users...
EUVD-2021-11577
Malware in sbrugna...
EUVD-2021-11937
Malware in sbrugna...
EUVD-2021-11398
Malware in sbrugna...
EUVD-2022-33757
Malicious code in bioql PyPI...
EUVD-2022-42825
Malicious code in bioql PyPI...
CVE-2023-5798
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wpremoteget, which could allow users with a role as low as Editor to perform SSRF attacks...
CVE-2023-5737
The WordPress Backup & Migration WordPress plugin before 1.4.4 does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings...
CVE-2024-7082 easy-table-of-contents < 2.0.68 - Editor+ Stored XSS
The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks...
CVE-2024-6710
The CVE-2024-6710 issue affects the Ditty WordPress plugin prior to version 3.1.45. It stems from inadequate sanitisation/escaping of certain parameters, enabling attackers with as little as Contributor-level access to perform Cross-Site Scripting (XSS) attacks. Red Hat’s advisory reiterates the ...
CVE-2024-6710 Ditty < 3.1.45 - Author+ Stored XSS
The Ditty WordPress plugin before 3.1.45 does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...
CVE-2023-7203 Smart Forms < 2.6.87 - Subscriber+ Arbitrary Entry Deletion
The Smart Forms WordPress plugin before 2.6.87 does not have authorisation in various AJAX actions, which could allow users with a role as low as subscriber to call them and perform unauthorised actions such as deleting entries. The plugin also lacks CSRF checks in some places which could allow...
WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs endpoint
Description: The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor. PoC: Run the following within a block editor page. Notice that the request is delayed by the SLEEP call in...
Cross site scripting
The WordPress Backup & Migration WordPress plugin before 1.4.4 does not sanitise and escape some parameters, which could allow users with a role as low as Subscriber to perform Cross-Site Scripting attacks...
WordPress Backup & Migration < 1.4.4 - Subscriber+ Plugin Settings Update
Description: The plugin does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings. PoC: fetch"/wp-admin/admin-ajax.php", "headers": "content-type": "application/x-www-form-urlencoded; charset=UTF-8", , "body":...
Server side request forgery (ssrf)
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request to it via wpremoteget, which could allow users with a role as low as Editor to perform SSRF attacks...
Contact form Form For All <= 1.2 - Contributor+ Stored XSS
Description: The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...
PT-2023-25413 · WordPress · Simple Author Box
Name of the Vulnerable Software and Affected Versions: The Simple Author Box WordPress plugin versions prior to 2.52 Description: The issue is related to the disclosure of arbitrary user information due to a lack of verification of the user ID before outputting information about that user. This c...
OAuth Single Sign On – SSO (OAuth Client) < 6.23.4 - Improper Authentication
Description: The plugin does not have authorisation in various AJAX actions, which could allow users with a role as low as Subscriber to call them and perform unauthorised actions...
IMPress Listings <= 2.6.2 - Contributor+ Stored XSS
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks...