3474 matches found
CRM Perks Forms < 1.1.2 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitize and escape the formid field in the plugin settings page, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup. PoC...
PT-2023-17903 · WordPress · Fast & Effective Popups & Lead-Generation
Name of the Vulnerable Software and Affected Versions: Fast & Effective Popups & Lead-Generation for WordPress plugin versions prior to 2.1.4 Description: The issue concerns the concatenation of user input into an SQL query without proper escaping in the plugin's report API endpoint. This could...
Telegram Bot & Channel < 3.6.3 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
File Renaming on Upload < 2.5.2 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Multiple inputs in the plugin's settings -- fo...
Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Ultimate Dashboard - Settings -...
WordPress File Upload < 4.19.2 - Admin+ Path Traversal
The plugin does not properly prevent attackers from modifying the target path to which the plugin will move files, via the wfunewpath parameter. This could allow administrators to move files outside of the site's root, which may be a problem in multisite configurations...
WordPress File Upload and WordPress File Upload Pro < 4.19.2 - Admin+ Stored Cross-Site Scripting
The plugin does not properly escape and sanitize user input coming from users with the administrator role in the plugin's settings, which is a problem in multisite configurations...
Qubotchat < 1.1.6 – Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Add a "button" to the chatbot 2. In the...
WP-Piwik < 1.0.28 - Admin+ Stored XSS
The plugin does not sanitize and escape the plugin display name field in the plugin settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
MailChimp Subscribe Forms < 4.0.9.2 - Admin+ Stored XSS
The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup...
Novelist < 1.2.1 - Admin+ Stored XSS
The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup...
Baidu Tongji generator <= 1.0.2 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Scripts n Styles < 3.5.8 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-2548
The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible f...
CVE-2023-2548
The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible f...
CVE-2023-2548
The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible f...
Authorization
The RegistrationMagic plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 5.2.0.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible f...
PT-2023-20098 · WordPress · Registrationmagic
Name of the Vulnerable Software and Affected Versions: RegistrationMagic plugin for WordPress versions up to, and including, 5.2.0.5 Description: The issue allows authenticated attackers with administrator-level permissions and above to bypass authorization and access system resources due to...
CVE-2023-1839
The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.6 does not sanitize and escape some of its setting fields, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example...
CVE-2023-2009
Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...