1200 matches found

WPVulnDB
added 2023/11/08 12:00 a.m. · 19 views

IdeaPush < 8.53 - Admin+ Stored XSS

Description: The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup...

CVSS 4.8 · AI score 5.6 · EPSS 0.00394
Exploits 0 · Affected Software 1
CNVD
added 2023/11/02 12:00 a.m. · 11 views

TOTOLINK A3300R enable parameter command execution vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the failure to validate the enable parameter when processing a setLedCfg request, and can be exploited by a...

CVSS 9.8 · AI score 7.2 · EPSS 0.01515
Exploits 1 · References 1
Positive Technologies
added 2023/11/02 12:00 a.m. · 4 views

PT-2023-29517 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the price parameter of the "routers/menu-router.php" resource does not validate the characters...

CVSS 9.8 · AI score 9.9 · EPSS 0.007
Exploits 1 · References 5
Positive Technologies
added 2023/11/02 12:00 a.m. · 2 views

PT-2023-29507 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities. Specifically, the deleted parameter of the "routers/add-users.php" resource does not validate the characters...

AI score 8.1
Exploits 0 · References 5
WPVulnDB
added 2023/10/26 12:00 a.m. · 9 views

Assistant < 1.4.4 - Editor+ SSRF

Description: The plugin does not validate a parameter before making a request to it via wp_remote_get, which could allow users with a role as low as Editor to perform SSRF attacks. PoC: As an Editor or above, open http://example.com/index.php?flasstimageproxy=https://127.0.0.1...

CVSS 8.8 · AI score 8.7 · EPSS 0.00694
Exploits 2 · Affected Software 1
Positive Technologies
added 2023/10/26 12:00 a.m. · 4 views

PT-2023-32335 · WordPress · The Assistant Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Assistant WordPress plugin versions prior to 1.4.4 Description: The issue arises from the plugin not validating a parameter before making a request to it via wp_remote_get, which could allow users with a role as low as Editor to perform...

CVSS 8.8 · AI score 8.6 · EPSS 0.00694
Exploits 2 · References 6
CNNVD
added 2023/10/20 12:00 a.m. · 3 views

WordPress Plugin Migration, Backup, Staging - WPvivid Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers. WordPress plugin is an...

CVSS 4.8 · AI score 6 · EPSS 0.00333
Exploits 0 · References 3
WPVulnDB
added 2023/10/20 12:00 a.m. · 10 views

Gumroad <= 3.1.0 - Contributor+ Stored XSS

Description: The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 6.5 · AI score 5.7 · EPSS 0.0031
Exploits 0
WPVulnDB
added 2023/10/20 12:00 a.m. · 17 views

Smart Cookie Kit < 2.3.2 - Contributor+ Stored XSS

Description: The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVSS 6.5 · AI score 5.7 · EPSS 0.0031
Exploits 0 · Affected Software 1
CNNVD
added 2023/10/20 12:00 a.m. · 32 views

WordPress Plugin flowpaper Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

CVSS 6.4 · AI score 6 · EPSS 0.00451
Exploits 0 · References 4
OSV
added 2023/10/18 5:15 p.m. · 3 views

CVE-2023-20261

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerabilit...

CVSS 6.5 · AI score 5.9 · EPSS 0.00529
Exploits 0 · References 1
Positive Technologies
added 2023/10/18 12:00 a.m. · 2 views

PT-2023-17423 · Cisco · Cisco Catalyst Sd-Wan Manager

Name of the Vulnerable Software and Affected Versions: Cisco Catalyst SD-WAN Manager affected versions not specified Description: A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This...

CVSS 6.5 · AI score 6.2 · EPSS 0.00529
Exploits 0 · References 4
OSV
added 2023/10/16 8:15 p.m. · 3 views

CVE-2023-3155

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server...

CVSS 7.2 · AI score 7.4 · EPSS 0.00812
Exploits 2 · References 1
NVD
added 2023/10/16 8:15 p.m. · 23 views

CVE-2023-3155

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server...

CVSS 7.2 · AI score 6.9 · EPSS 0.00812
Exploits 2 · References 1
Cvelist
added 2023/10/16 7:39 p.m. · 32 views

CVE-2023-3155 NextGEN Gallery < 3.39 - Admin+ Arbitrary File Read and Delete

The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the galleryedit function, allowing an attacker to access arbitrary resources on the server...

AI score 7.2 · EPSS 0.00812
Exploits 2 · References 1
NVD
added 2023/09/28 10:15 p.m. · 13 views

CVE-2023-44163

The 'search' parameter of the processsearch.php resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 9.8 · AI score 9.6 · EPSS 0.00805
Exploits 1 · References 2
NVD
added 2023/09/28 10:15 p.m. · 22 views

CVE-2023-44166

The 'age' parameter of the processregistration.php resource does not validate the characters received and they are sent unfiltered to the database...

CVSS 9.8 · AI score 9.6 · EPSS 0.00805
Exploits 1 · References 2
WPVulnDB
added 2023/09/27 12:00 a.m. · 17 views

Easy Coming Soon <= 2.3 - Admin+ Stored XSS

Description: The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup...

CVSS 5.9 · AI score 6 · EPSS 0.00316
Exploits 0 · References 1
WPVulnDB
added 2023/09/27 12:00 a.m. · 8 views

RSVPMarker < 10.6.7 - Admin+ Stored XSS

Description: The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup...

CVSS 5.9 · AI score 5.6 · EPSS 0.0031
Exploits 0 · Affected Software 1
ATTACKERKB
added 2023/08/25 4:15 p.m. · 3 views

CVE-2023-40797

In Tenda AC23 v16.03.07.45cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability...

CVSS 8.8 · AI score 7.4 · EPSS 0.00787
Exploits 1 · References 2