Pop-Up Chop Chop <= 2.1.7 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...
MailPress <= 7.2.1 - Arbitrary Settings Update & Log Files Purge via CSRF
The plugin does not have CSRF checks in various places, which could allow attackers to make a logged-in admin change the settings, purge log files and more via CSRF attacks. PoC...
Price Table <= 0.2.2 - Contributor+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...
NEX-Forms <= 7.9.4 - Multiple Admin+ Stored Cross-Site Scripting
The plugin does not escape some of its settings and form fields before outputting them in attributes, which could allow high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. PoC: In Global Setting Preferences Validation, put the followi...
Game Server Status <= 1.0 - Admin+ SQL Injection
The plugin does not validate or escape the serverid parameter before using it in an SQL statement, leading to an Authenticated SQL Injection in an admin page. PoC: sqlmap -u "https://example.com/wp-admin/admin.php?page=grohsfabian-add-game-serversid=1" -p serverid --dbms mysql --cookie your cookie...
ACF to REST API < 3.3.0 - Unauthenticated Arbitrary wp_options Disclosure
The plugin does not properly check for authorisation and allows options to be retrieved from the wp-json/acf/v3/options/ endpoint. This could allow an unauthenticated attacker to retrieve arbitrary values from the wp_options table, such as a list of active plugins. PoC: List all active plugins of the...
Minimal Coming Soon & Maintenance Mode < 2.15 - CSRF to Stored XSS and Setting Changes
This plugin had no nonce checks on any of the settings to verify that a request came from a legitimate source, such as a logged-in administrative user. This allows a CSRF leading to stored XSS, in addition to significant setting changes. PoC...
CVE-2017-18536
The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS...
CVE-2017-18504
The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF...
WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution
Exploit Title: Plugin Woocommerce CSV importer 3.3.6 – RCE – Unlink Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/woocommerce-csvimport/ Software Link:...
xPinner Lite <= 2.2 - Cross-Site Scripting (XSS) & CSRF
The xpinner-lite WordPress plugin was affected by a Cross-Site Scripting XSS & CSRF security vulnerability...
CP Image Store with Slideshow <= 1.0.6 - Purchase ID Brute Force Prevention
The CP Image Store with Slideshow WordPress plugin was affected by a Purchase ID Brute Force Prevention security vulnerability...
GroupDocs Comparison <= 1.0.2 - Multiple Parameter XSS
The GroupDocs.Comparison for Cloud WordPress plugin was affected by a Multiple Parameter XSS security vulnerability...
GroupDocs Signature 1.2.0 - grpdocs-dialog.php Multiple Parameter XSS
The GroupDocs.Signature for Cloud WordPress plugin was affected by a grpdocs-dialog.php Multiple Parameter XSS security vulnerability...
Simply Poll 1.4.1 - wp-admin/admin.php question Parameter XSS
The simply-poll WordPress plugin was affected by a wp-admin/admin.php question Parameter XSS security vulnerability...
WP Marketplace 1.5.0-1.6.1 - Arbitrary File Upload
The wpmarketplace WordPress plugin was affected by an Arbitrary File Upload security vulnerability...
LB Mixed Slideshow 1.0 - Arbitrary File Upload
The lb-mixed-slideshow WordPress plugin was affected by an Arbitrary File Upload security vulnerability...
wp-gpx-max version 1.1.21 - Arbitrary File Upload
The wp-gpx-map WordPress plugin was affected by an Arbitrary File Upload security vulnerability...
iBrowser Plugin 1.4.1 (lang) - Local File Inclusion Vulnerability
No description provided by source...