Wordpress Powie WHOIS Domain Check 0.9.31 Plugin - Persistent Cross-Site Scripting Vulnerability
Exploit for PHP platform in category web applications. Exploit Title: WordPress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting. Vendor Homepage: https://powie.de. Vendor Changelog: https://wordpress.org/plugins/powies-whois/developers. Software Link:...
CVE-2020-5972
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x prior to 8.4, version 9.x prior to 9.4 and version 10.x prior to 10....
jenkins-subversion-plugin: XSS in project repository base url
Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability...
Multi Scheduler <= 1.0.0 - Arbitrary Record Deletion via CSRF
The lack of a CSRF check could allow an attacker to delete arbitrary records from the plugin (for example Professional ones) via a CSRF attack. The issue is not patched, and has been escalated to the WP plugins team on May 29th, 2020. PoC: The PoC will be displayed once the issue has been remediated...
Design/Logic Flaw
An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The faroptionspage function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The find and replace rules could be updated with malicious JavaScript,...
CVE-2020-13486
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
Design/Logic Flaw
An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled...
WordPress simple-file-list plugin path traversal vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. simple-file-list is a file list plugin that supports opening and downloading files. A path traversal vulnerability exists in WordPress...
WordPress iubenda-cookie-law-solution plugin input validation error vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. iubenda-cookie-law-solution is a plugin that supports customizing cookie banners and managing cookie consent. A security vulnerability...
CloudBees Jenkins CVS Plugin Cross-Site Request Forgery Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software version release/test builds and some scheduled tasks. CVS Plugin is used in one of the CVS...
CloudBees Jenkins Amazon EC2 Plugin Man-in-the-Middle Attack Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software version release/test builds and some scheduled tasks. Amazon EC2 Plugin is used in which an EC2 connection agen...
CVE-2019-16653
An application plugin in Genius Bytes Genius Server Genius CDDS 3.2.2 allows remote authenticated users to gain admin privileges...
CVE-2020-12075
The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions...
CVE-2020-11928
In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the taxquery, metaquery, or datequery parameter in mlagallery via an admin...
WordPress media-library-assistant injection vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. media-library-assistant is a multimedia library management plugin used in it. A security vulnerability exists in WordPress...
CVE-2020-11738
The Snap Creek Duplicator plugin before 1.3.28 for WordPress and Duplicator Pro before 3.8.7.1 allows Directory Traversal via ../ in the file parameter to duplicatordownload or duplicatorinit. Recent assessments: kevthehermit at April 14, 2020 2:38pm UTC reported: This plugin is recorded as havin...
Klarna Checkout for WooCommerce < 2.0.10 - Authenticated Arbitrary Plugin Deactivation, Activation and Installation
The plugin registers one AJAX action intended for installing addon plugins from WordPress.org. The callback method to this action does not have a capability nor nonce check. This enables any logged in user to post a request to the endpoint and install, activate or deactivate any plugin. Since the...
Joomla! plugin "AcyMailing" vulnerable to arbitrary file uploads
Overview: Joomla! plugin "AcyMailing" allows an unauthenticated user to upload arbitrary files (CWE-434). qw3rTyTy reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under the Information Security Early Warning Partnership. Impact: Arbitrary PHP code may be executed. Solution...
CloudBees Jenkins OpenShift Pipeline Plugin Remote Code Execution Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor continuous software version release/test builds and some scheduled tasks. OpenShift Pipeline Plugin is used in which a plug-in with the ability to deploy...
CVE-2020-9392
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or...