WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability

WordPress Simple Ajax Chat before 20220216 is vulnerable to sensitive information disclosure. The plugin does not properly restrict access to the exported data via the sac-export.csv file, which could allow unauthenticated users to access it. id: CVE-2022-27849 info: name: WordPress Simple Ajax...

Ametys CMS Information Disclosure

Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/domain/en.xml and similar pathnames for other languages via the auto-completion plugin, which contain all characters typed by all users, including the content of...

WordPress Plugin File Manager (wp-file-manager) Backup Disclosure

mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fmbackups directory with a .htaccess file. This results in the ability for unauthenticated users to browse and download any site backups, which sometimes include full database backups, that the plugin has taken...

WordPress WP Courses Plugin Information Disclosure

WordPress WP Courses Plugin 2.0.29 contains a critical information disclosure which exposes private course videos and materials. id: CVE-2020-26876 info: name: WordPress WP Courses Plugin Information Disclosure author: dwisiswant0 severity: high description: WordPress WP Courses Plugin 2.0.29...

Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting

Event Espresso Core-Reg 4.10.7.p is vulnerable to cross-site scripting in wp-content/plugins/event-espresso-core-reg/adminpages/messages/templates/eemsgadminoverview.template.php and allows remote attackers to inject arbitrary web script or HTML via the page parameter. id: CVE-2020-26153 info:...

Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting

Jenkins Gitlab Hook 1.4.2 and earlier does not escape project names in the buildnow endpoint, resulting in a reflected cross-site scripting vulnerability. id: CVE-2020-2096 info: name: Jenkins Gitlab Hook =1.4.3 to mitigate this vulnerability. reference: -...

CRM Perks Forms < 1.1.1 - Cross Site Scripting

The plugin does not sanitise and escape some parameters from a sample file before outputting them back in the page, leading to Reflected Cross-Site Scripting id: CVE-2022-38467 info: name: CRM Perks Forms 1.1.1 - Cross Site Scripting author: r3Y3r53 severity: medium description: | The plugin does...

WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting

WordPress Related Posts plugin prior to 2.1.3 contains a cross-site scripting vulnerability in the rp4wpheadingtext parameter. User input is not properly sanitized, allowing the insertion of arbitrary code that can allow an attacker to steal cookie-based authentication credentials and launch othe...

WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection

WordPress Visitor Statistics Real Time Traffic plugin before 4.8 does not properly sanitize and escape the refUrl in the refDetails AJAX action, which is available to any authenticated user. This could allow users with a role as low as subscriber to perform SQL injection attacks. id: CVE-2021-247...

G Auto-Hyperlink <= 1.0.1 - SQL Injection

The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection id: CVE-2021-24627 info: name: G Auto-Hyperlink = 1.0.1 - SQL...

WordPress Perfect Survey <1.5.2 - SQL Injection

Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the questionid GET parameter before using it in a SQL statement in the getquestion AJAX action, allowing unauthenticated users to perform SQL injection. id: CVE-2021-24762 info: name: WordPress Perfect Survey 1.5.2 - SQL...

WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload

WordPress SP Project & Document Manager plugin before 4.22 is susceptible to authenticated shell upload. The plugin allows users to upload files; however, the plugin attempts to prevent PHP and other similar executable files from being uploaded via checking the file extension. PHP files can still...

WordPress Statistics <13.0.8 - Blind SQL Injection

WordPress Statistic plugin versions prior to version 13.0.8 are affected by an unauthenticated time-based blind SQL injection vulnerability. id: CVE-2021-24340 info: name: WordPress Statistics 13.0.8 - Blind SQL Injection author: lotusdll,j4vaovo severity: high description: WordPress Statistic...

WordPress WooCommerce <1.13.22 - Cross-Site Scripting

WordPress WooCommerce before 1.13.22 contains a reflected cross-site scripting vulnerability via the slider import search feature because it does not properly sanitize the keyword GET parameter. id: CVE-2021-24300 info: name: WordPress WooCommerce 1.13.22 - Cross-Site Scripting author: cckuailong...

WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting

WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflected cross-site scripting vulnerabilities via the galleryid, tag, albumid and themeid GET parameters passed to the bwgfrontenddata AJAX action, available to both unauthenticated and authenticated users. id: CVE-2021-2429...

WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting

The settings page of the plugin did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue. id: CVE-2021-24286 info: name: WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting author: r3Y3r53 severity: medium descriptio...

Popup by Supsystic <1.10.5 - Cross-Site scripting

WordPress Popup by Supsystic before 1.10.5 did not sanitize the tab parameter of its options page before outputting it in an attribute, leading to a reflected cross-site scripting issue. id: CVE-2021-24275 info: name: Popup by Supsystic 1.10.5 - Cross-Site scripting author: dhiyaneshDK severity:...

WordPress Realteo <=1.2.3 - Cross-Site Scripting

WordPress Realteo plugin 1.2.3 and prior contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of keywordsearch, searchradius. bedrooms and bathrooms GET parameters before outputting them in its properties page. id: CVE-2021-24237 info: name:...

WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting

WordPress OpenID Connect Generic Client plugin 3.8.0 and 3.8.1 contains a cross-site scripting vulnerability. It does not sanitize the login error when output back in the login form, thereby not requiring authentication, which can be exploited with the default configuration. id: CVE-2021-24214...

WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure

WordPress Modern Events Calendar Lite before 5.16.5 does not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format. id: CVE-2021-24146 info: name: WordPress Modern Events Calendar Lite 5.16.5 - Sensitive Information Disclosure...