1398 matches found

CVE
added 2023/01/23 2:31 p.m. · 49 views

CVE-2022-4790

The CVE covers the WP Google My Business Auto Publish WordPress plugin (pre-3.4). Affected component is a shortcode attribute that is not validated/escaped, enabling Stored XSS for users with as low as Contributor. Public PoCs show a crafted shortcode exploiting this attribute, validating the att...

CVSS 5.4 · AI score 5.3 · EPSS 0.00181
Exploits: 2 · References: 1 · Affected Software: 1
WPVulnDB
added 2023/01/17 12:00 a.m. · 10 views

Widgets on Pages <= 1.7.0 - Contributor+ Stored XSS

The plugin does not validate and escape its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks that could be used against high privilege users such as admins. PoC widgetsonpages...

CVSS 6.8 · AI score 5 · EPSS 0.00654
Exploits: 2 · Affected Software: 1
CVE
added 2023/01/09 10:13 p.m. · 68 views

CVE-2022-4394

The CVE-2022-4394 vulnerability affects the iPages Flipbook For WordPress plugin (versions up to 1.4.6, prior to 1.4.7 per some sources) where settings are not properly sanitized/escaped. This enables Stored Cross-Site Scripting by low-privilege users (e.g., Contributor+) even when unfiltered_htm...

CVSS 5.4 · AI score 5.1 · EPSS 0.00198
Exploits: 2 · References: 1 · Affected Software: 1
Positive Technologies
added 2023/01/03 12:00 a.m. · 4 views

PT-2023-14971 · WordPress · Members Import

Name of the Vulnerable Software and Affected Versions: Members Import plugin for WordPress versions up to, and including, 1.4.2. Description: The issue is related to Self Cross-Site Scripting via the user login parameter in an imported CSV file due to insufficient input sanitization and output...

CVSS 6.1 · AI score 6 · EPSS 0.00246
Exploits: 1 · References: 7
CNNVD
added 2023/01/02 12:00 a.m. · 4 views

WordPress plugin Visual Email Designer for WooCommerce SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...

CVSS 8.8 · AI score 8.1 · EPSS 0.007
Exploits: 2 · References: 2
Vulnrichment
added 2022/12/26 12:28 p.m. · 12 views

CVE-2022-3835 Kwayy HTML Sitemap < 4.0 - Admin+ Stored XSS

The Kwayy HTML Sitemap WordPress plugin before 4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup...

AI score 5.8 · EPSS 0.00339
Exploits: 2 · References: 1
WPVulnDB
added 2022/12/23 12:00 a.m. · 12 views

Show All Comments < 7.0.1 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against logged-in high privilege users such as admin. PoC Visit the following URL, authenticated or not, to trigger an alert box:...

CVSS 6.1 · AI score 0.4 · EPSS 0.14159
Exploits: 2 · Affected Software: 1
WPVulnDB
added 2022/12/23 12:00 a.m. · 17 views

Link Library < 7.4.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup. PoC 1. Install the plugin and go to:...

CVSS 4.8 · AI score 1.2 · EPSS 0.00298
Exploits: 2 · Affected Software: 1
Vulnrichment
added 2022/12/12 5:54 p.m. · 6 views

CVE-2022-3935 Welcart e-Commerce < 2.8.4 - Multiple Subscriber+ Stored Cross-Site Scripting

The Welcart e-Commerce WordPress plugin before 2.8.4 does not sanitise and escape some parameters, which could allow any authenticated user, such as a subscriber, to perform Stored Cross-Site Scripting attacks...

AI score 5.4 · EPSS 0.00231
Exploits: 2 · References: 1
OSV
added 2022/12/05 5:15 p.m. · 1 view

CVE-2022-3677

The Advanced Import WordPress plugin before 1.3.8 does not have a CSRF check when installing and activating plugins, which could allow attackers to make a logged-in admin install arbitrary plugins from WordPress.org, and activate arbitrary ones from the blog, via CSRF attacks...

CVSS 6.5 · AI score 5.9 · EPSS 0.00282
Exploits: 2 · References: 1
WPVulnDB
added 2022/12/05 12:00 a.m. · 24 views

Contest Gallery < 19.1.5 - Author+ SQL Injection

The plugins do not escape the cgorder POST parameter before concatenating it to an SQL query in order-custom-fields-with-and-without-search.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database. PoC POST /wp-admin/admin-ajax.php...

CVSS 6.5 · AI score 0.6 · EPSS 0.00741
Exploits: 2 · References: 1 · Affected Software: 2
Positive Technologies
added 2022/11/29 12:00 a.m. · 2 views

PT-2022-25346 · WordPress · Quiz/Survey Master

Name of the Vulnerable Software and Affected Versions: Quiz and Survey Master plugin for WordPress versions up to, and including, 8.0.4. Description: The issue arises from insufficient input sanitization and output escaping, allowing iframe tags to be injected via the questionid parameter. This...

CVSS 7.2 · AI score 6.4 · EPSS 0.02712
Exploits: 0 · References: 8
Vulnrichment
added 2022/11/17 9:59 p.m. · 4 views

CVE-2022-38461 WordPress WPML Multilingual CMS premium plugin <= 4.5.10 - Broken Access Control vulnerability

Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with a subscriber or higher user role to change plugin settings: selected language for legacy widgets, the default behavior for media content...

CVSS 5.4 · AI score 5.4 · EPSS 0.00201
Exploits: 0 · References: 1
CNNVD
added 2022/11/17 12:00 a.m. · 2 views

WordPress plugin Quiz And Survey Master cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin...

CVSS 5.4 · AI score 5.4 · EPSS 0.00191
Exploits: 0 · References: 3
Vulnrichment
added 2022/11/15 12:00 a.m. · 8 views

CVE-2022-45381

Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines to read arbitrary...

AI score 7 · EPSS 0.0031
Exploits: 0 · References: 2
Vulnrichment
added 2022/11/07 12:00 a.m. · 8 views

CVE-2022-3463 FluentForm < 4.3.13 - CSV Injection

The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection...

AI score 7.2 · EPSS 0.01377
Exploits: 2 · References: 1
Vulnrichment
added 2022/10/31 12:00 a.m. · 2 views

CVE-2022-3380 Customizer Export/Import < 0.9.5 - Admin+ PHP Object Injection

The Customizer Export/Import WordPress plugin before 0.9.5 unserializes the content of an imported file, which could lead to PHP object injection issues when an admin imports, intentionally or not, a malicious file and a suitable gadget chain is present on the blog...

AI score 7.1 · EPSS 0.00991
Exploits: 1 · References: 1
Positive Technologies
added 2022/10/31 12:00 a.m. · 4 views

PT-2022-21356

Name of the Vulnerable Software and Affected Versions: WordPress Classifieds Plugin versions prior to 4.3. Description: The issue arises from the improper sanitization and escaping of certain parameters before they are used in a SQL statement. This occurs via an AJAX action that is accessible to...

CVSS 9.8 · AI score 8.2 · EPSS 0.86579
Exploits: 2 · References: 6
WPVulnDB
added 2022/10/24 12:00 a.m. · 117 views

tagDiv Composer < 3.5 - Unauthenticated Account Takeover

Description The plugin, required by the themes, does not properly implement the Facebook login feature, allowing unauthenticated attackers to log in as any user by just knowing their email address. PoC Run the below command in the developer console of the web browser while being on the blog as an...

CVSS 9.8 · AI score 9.6 · EPSS 0.63461
Exploits: 2
CNNVD
added 2022/10/19 12:00 a.m. · 3 views

Jenkins Plugin Script Security security vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...

CVSS 9.9 · AI score 8.8 · EPSS 0.00186
Exploits: 0 · References: 9