1398 matches found

NVD
added 2022/06/30 6:15 p.m. · 12 views

CVE-2022-34800

Jenkins Build Notifications Plugin 1.5.0 and earlier stores tokens unencrypted in its global configuration files on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system...

CVSS 4.3 · EPSS 0.00335
Exploits 0 · References 1
Patchstack
added 2022/06/27 12:00 a.m. · 23 views

WordPress Discount Rules for WooCommerce plugin <= 2.4.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting (XSS) vulnerability discovered by ZhongFu Su (aka JrXnm, WuHan University) in WordPress Discount Rules for WooCommerce plugin versions <= 2.4.1. Solution: Update the WordPress Discount Rules for WooCommerce plugin to the latest available version (at least 2.4.2)...

CVSS 6.1 · AI score 2.5 · EPSS 0.0021
Exploits 2 · References 1 · Affected Software 1
Patchstack
added 2022/06/01 12:00 a.m. · 18 views

WordPress New User Approve plugin <= 2.3 - Arbitrary Settings Update & Invitation Code Creation via CSRF vulnerability

Arbitrary Settings Update & Invitation Code Creation via CSRF vulnerability discovered by Daniel Ruf in WordPress New User Approve plugin versions <= 2.3. Solution: Update the WordPress New User Approve plugin to the latest available version (at least 2.4)...

CVSS 4.3 · AI score 4.2 · EPSS 0.00103
Exploits 2 · References 2 · Affected Software 1
WPVulnDB
added 2022/05/31 12:00 a.m. · 22 views

MailPress <= 7.2.1 - Arbitrary Settings Update & Log Files Purge via CSRF

The plugin does not have CSRF checks in various places, which could allow attackers to make a logged-in admin change the settings, purge log files and more via CSRF attacks. PoC...

CVSS 6.5 · AI score 4.9 · EPSS 0.00103
Exploits 2 · Affected Software 1
Positive Technologies
added 2022/05/30 12:00 a.m. · 1 view

PT-2022-13986 · WordPress · Change Wp-Admin Login Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Change wp-admin login WordPress plugin versions prior to 1.1.0 Description: The issue arises from the plugin's failure to properly check for authorization and its lack of CSRF check when updating settings. This could allow unauthenticated...

CVSS 7.5 · AI score 7.4 · EPSS 0.00295
Exploits 2 · References 5
CNNVD
added 2022/05/30 12:00 a.m. · 4 views

WordPress plugin IMDB info box Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress IMDB info box plugin has a cross-site scripting vulnerability that stems from failure to clean and...

CVSS 4.8 · AI score 5.3 · EPSS 0.00206
Exploits 2 · References 2
OSV
added 2022/05/24 5:25 p.m. · 20 views

GHSA-C2HG-2JJ6-H8VH CSRF vulnerability in Jenkins Pipeline Maven Integration Plugin allow capturing credentials

Pipeline Maven Integration Plugin 3.8.2 and earlier does not perform a permission check in a method implementing form validation. This allows users with Overall/Read access to Jenkins to connect to an attacker-specified JDBC URL using attacker-specified credentials IDs obtained through another...

CVSS 7.1 · AI score 6.4 · EPSS 0.0041
Exploits 0 · References 4
WPVulnDB
added 2022/05/23 12:00 a.m. · 12 views

Peter’s Collaboration E-mails <= 2.2.0 - Arbitrary Settings Update via CSRF

The plugin is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more. PoC...

CVSS 6.5 · AI score 2.8 · EPSS 0.00153
Exploits 2 · Affected Software 1
OSV
added 2022/05/16 3:15 p.m. · 0 views

CVE-2022-1089

The Bulk Edit and Create User Profiles WordPress plugin before 1.5.14 does not sanitise and escape the Users Login, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8 · AI score 5.8
Exploits 0 · References 1
WPVulnDB
added 2022/05/16 12:00 a.m. · 20 views

Throws SPAM Away < 3.3.1 - Comment Deletion via CSRF

The plugin does not have CSRF checks in place when deleting comments (either all, spam, or pending), allowing attackers to make a logged-in admin delete comments via a CSRF attack. PoC: To delete all comments...

CVSS 4.3 · AI score 4.6 · EPSS 0.00103
Exploits 2 · Affected Software 1
wpexploit
added 2022/05/09 12:00 a.m. · 103 views

Simple Real Estate Pack <= 1.4.8 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Put the following payload in the plugin's settings, such as "Consumer Key": "...

CVSS 4.8 · AI score 0.9 · EPSS 0.00206
Exploits 2
Patchstack
added 2022/05/04 12:00 a.m. · 30 views

WordPress Andrea Pernici News Sitemap for Google plugin <= 1.0.16 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by John Castro (aka mirphak, Pagely) in WordPress Andrea Pernici News Sitemap for Google plugin versions <= 1.0.16. Solution: No patched version is available...

CVSS 5.4 · AI score 2 · EPSS 0.0018
Exploits 0 · References 2 · Affected Software 1
CNVD
added 2022/04/19 12:00 a.m. · 12 views

WordPress plugin Good

WordPress is a blogging platform developed using the PHP language. WordPress plugin Good...

CVSS 4.8 · AI score 1.6 · EPSS 0.00206
Exploits 2 · References 1
WPVulnDB
added 2022/04/05 12:00 a.m. · 23 views

Tipsacarrier <= 1.4.4.2 - Unauthenticated Orders Disclosure

The plugin does not have any authorisation check in place for some functions, which could allow unauthenticated users to access Orders data, which could be used to retrieve the client's full address, name and phone via the tracking URL. The vendor was notified on November 26th, 2021, and did not reply nor fix the...

CVSS 7.5 · AI score 0.2 · EPSS 0.01573
Exploits 2 · Affected Software 1
wpexploit
added 2022/03/29 12:00 a.m. · 82 views

Books & Papers <= 0.20210223 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its Custom DB Prefix setting, allowing high-privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Put the following payload in the Custom DB Prefix setting of the plugin: BooksnPapers" style=animation-name:rotati...

CVSS 4.8 · AI score 0.7 · EPSS 0.00206
Exploits 2
NVD
added 2022/03/28 6:15 p.m. · 10 views

CVE-2022-0770

The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF checks in some files, and writes debug data such as the user's cookies to a publicly accessible file if a specific parameter is used when requesting them. Combining those two issues, an attacker could gain access t...

CVSS 8.8 · EPSS 0.003
Exploits 1 · References 1
NVD
added 2022/03/15 5:15 p.m. · 9 views

CVE-2022-27218

Jenkins incapptic connect uploader Plugin 1.15 and earlier stores tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

CVSS 4.3 · EPSS 0.00031
Exploits 0 · References 2
Patchstack
added 2022/02/28 12:00 a.m. · 9 views

WordPress Quote for WooCommerce Lite – Request a Product Quote Plugin plugin <= 1.4.8 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Quote for WooCommerce Lite – Request a Product Quote Plugin plugin versions <= 1.4.8. Solution: Update the WordPress Quote for WooCommerce Lite – Request a Product Quote Plugin plugin to the latest...

AI score 4.4
Exploits 0 · References 2 · Affected Software 1
Patchstack
added 2022/02/28 12:00 a.m. · 11 views

WordPress Multicollab – Google Doc-Style Editorial Commenting for WordPress plugin <= 2.0.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Multicollab – Google Doc-Style Editorial Commenting for WordPress plugin versions <= 2.0.3. Solution: Update the WordPress Multicollab – Google Doc-Style Editorial Commenting plugin to the latest availab...

AI score 3.6
Exploits 0 · References 2 · Affected Software 1
WPVulnDB
added 2022/02/21 12:00 a.m. · 16 views

Master Addons for Elementor < 1.8.2 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the error_message parameter before outputting it back in the response of the jltma_restrict_content AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting. PoC...

CVSS 6.1 · AI score 2.4 · EPSS 0.00293
Exploits 2 · Affected Software 1