CVE-2024-2797
The MailerLite – Signup forms official plugin for WordPress is vulnerable to unauthorized plugin setting changes due to a missing capability check on the toggleRolesAndPermissions and editAllowedRolesAndPermissions functions in all versions up to, and including, 1.7.6. This makes it possible for...
CVE-2024-10567 TI WooCommerce Wishlist <= 2.9.1 - Missing Authorization to Unauthenticated Plugin Setup Wizard Access
The TI WooCommerce Wishlist plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wizard' function in all versions up to, and including, 2.9.1. This makes it possible for unauthenticated attackers to create new pages, modify plugin...
CVE-2024-5804 Conditional Fields for Contact Form 7 <= 2.4.13 - Cross-Site Request Forgery to Plugin Setting Reset
The Conditional Fields for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4.13. This is due to missing or incorrect nonce validation on the wpcf7cfadmininit function. This makes it possible for unauthenticated attackers to reset...
WordPress plugin Easy Pixels security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform written in PHP; it supports running a personal blog on a server with PHP and MySQL. A WordPress plugin is an add-on application for that platform. A security vulnerability...
CVE-2023-5387 Funnelforms Free <= 3.4 - Missing Authorization to Enable/Disable Dark Mode
The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfaf2triggerdarkmode function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and...
Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure
Description: The plugin stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any user who knows the URL. This requires the plugin's Log Authentication Requests setting to be set...
PT-2022-24190 · Unknown · Webfactory Under Construction Plugin
Name of the Vulnerable Software and Affected Versions: WebFactory Under Construction Plugin, affected versions not specified. Description: A problematic vulnerability has been found in the WebFactory Under Construction Plugin, affecting the Plugin Setting Handler component. This issue leads to...
CVE-2022-3076
The CM Download Manager WordPress plugin before 2.8.6 allows high-privilege users such as admins to upload arbitrary files by allowing any extension via the plugin's settings, which could be used by admins of a multisite blog to upload PHP files, for example...
Command injection
Authenticated subscriber+ Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress...
CVE-2022-38058 WordPress WP Shamsi plugin <= 4.1.1 - Authenticated Plugin Setting change vulnerability
Authenticated subscriber+ Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress...
th23 Social <= 1.2.0 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape some of its settings, which could allow high-privilege users such as admins to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Put the following payload in the plugin's settings...
MouseWheel Smooth Scroll < 5.7 - Plugin's Setting Update via CSRF
The plugin does not have a CSRF check in place on its settings page, which could allow attackers to make a logged-in admin change them via a CSRF attack...
WordPress Catch Gallery plugin <= 1.6.8 - Unauthorized Plugin Setting Change vulnerability
Unauthorized Plugin Setting Change vulnerability discovered by apple502j in WordPress Catch Gallery plugin versions <= 1.6.8. Solution: Update the WordPress Catch Gallery plugin to the latest available version, at least 1.7...
WordPress Generate Child Theme plugin <= 1.5.3 - Unauthorized Plugin Setting Change vulnerability
Unauthorized Plugin Setting Change vulnerability discovered by apple502j in WordPress Generate Child Theme plugin versions <= 1.5.3. Solution: Update the WordPress Generate Child Theme plugin to the latest available version, at least 1.6...
WordPress Catch Infinite Scroll plugin <= 1.8.1 - Unauthorized Plugin Setting Change vulnerability
Unauthorized Plugin Setting Change vulnerability discovered by apple502j in WordPress Catch Infinite Scroll plugin versions <= 1.8.1. Solution: Update the WordPress Catch Infinite Scroll plugin to the latest available version, at least 1.9...
Hana Flv Player <= 3.1.3 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the "Default Skin" field. Step 1: Install and activate the plugin. Step 2: Go to the plugin settings. Step 3: Enter the following payload in the field "Default Skin" xss"alert1input type='text'...
WordPress Plugin WP-SendSms 1.0 - Multiple Vulnerabilities
WordPress Tune Library 2.17 SQL Injection
Exploit Title: WordPress Tune Library plugin prefix . "tracks where artist != '' and artist like '" .$artistletter . "%' order by artist";...