WP Advanced Search <= 1.1.6 - Admin+ SQL Injection

Description The plugin does not properly escape parameters appended to an SQL query, making it possible for users with the administrator role to conduct SQL Injection attacks in the context of a multisite WordPress configurations. PoC 1. Log in as an administrator 2. Visit...

PT-2024-2953

Name of the Vulnerable Software and Affected Versions WordPress versions prior to 6.4.3 WordPress versions 6.3.3, 6.2.4, 6.1.5, 6.0.7, 5.9.9, 5.8.9, 5.7.11, 5.6.13, 5.5.14, 5.4.15, 5.3.17, 5.2.20, 5.1.18, 5.0.21, 4.9.25, 2.8.24, 4.7.28, 4.6.28, 4.5.31, 4.4.32, 4.3.33, 4.2.37, and 4.1.40 Descripti...

Import WP < 2.13.1 - Admin+ Server-side Request Forgery

Description The plugin does not prevent users with the administrator role from pinging conducting SSRF attacks, which may be a problem in multisite configurations. PoC 1. As an admin, create a new importer in /wp-admin/tools.php?page=importwp 2. Visit /wp-admin/admin-ajax.php?action=rest-nonce...

Better Comments < 1.5.6 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. From the WordPress menu on the...

Floating Chat Widget < 3.1.9 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Chaty New Widget" 2...

Save as PDF by Pdfcrowd < 3.2.2 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Settings Save as Image"...

BIT-DISCOURSE-2024-27100 Denial of service via Staff Actions in Discourse

Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren't enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could...

CVE-2024-2278

Themify WordPress plugin before 1.4.4 does not sanitise and escape some of its Filters settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-2278 WooCommerce Product Filter < 1.4.4 - Admin+ Stored XSS

Themify WordPress plugin before 1.4.4 does not sanitise and escape some of its Filters settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-2278

The CVE-2024-2278 entry corresponds to the Themify WordPress plugin prior to version 1.4.4. The vulnerability arises because the plugin does not sanitize and escape some Filter settings, potentially allowing high-privilege users (e.g., administrators) to perform Stored Cross-Site Scripting even w...

CVE-2024-2968

The WP-Eggdrop plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

CVE-2024-2963

The Pocket News Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings such as "Consumer Key" and "Access Token" in all versions up to, and including, 0.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

Breeze < 2.1.4 - Admin+ Stored XSS

Description The plugin does not sanitise and escape its breezeapitoken settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

PT-2024-22960 · WordPress · Wp-Eggdrop

Name of the Vulnerable Software and Affected Versions: WP-Eggdrop plugin for WordPress versions up to, and including, 0.1 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and output escaping. This allows authenticated...

PT-2024-22943 · WordPress · Pocket News Generator

Name of the Vulnerable Software and Affected Versions: The Pocket News Generator plugin for WordPress versions up to, and including, 0.2.0 Description: The issue is related to Stored Cross-Site Scripting via admin settings, specifically Consumer Key and Access Token, due to insufficient input...

CVE-2024-29910

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alordiel Dropdown Multisite selector allows Stored XSS.This issue affects Dropdown Multisite selector: from n/a through 0.9.2...

CVE-2024-29910 WordPress Dropdown Multisite selector plugin <= 0.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alordiel Dropdown Multisite selector allows Stored XSS.This issue affects Dropdown Multisite selector: from n/a through 0.9.2...

CVE-2024-29910

CVE-2024-29910 refers to a Stored Cross-Site Scripting (XSS) flaw in the WordPress plugin “Dropdown Multisite selector.” The connected data indicate this affects versions up to 0.9.2 (listed as &lt;= 0.9.2) with the issue described as Stored XSS via shortcode. The vulnerability is categorized as ...

WordPress Plugin Dropdown multisite selector 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-22937 · WordPress · The Simple Ajax Chat

Name of the Vulnerable Software and Affected Versions: The Simple Ajax Chat – Add a Fast, Secure Chat Box plugin for WordPress versions up to, and including, 20231101 Description: The issue is related to Stored Cross-Site Scripting via admin settings due to insufficient input sanitization and...