Lucene search
K

4529 matches found

OSV
OSV
added 2021/08/23 12:15 p.m.5 views

CVE-2021-24524

The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.12.0 did not escape the Donation Level setting of its Donation Forms, allowing high privilege users to use Cross-Site Scripting payloads in them...

4.8CVSS5.8AI score0.00617EPSS
Exploits2References1
Prion
Prion
added 2021/08/23 12:15 p.m.23 views

Path traversal

The AceIDE WordPress plugin through 2.6.2 does not sanitise or validate the user input which is appended to system paths before using it in various actions, such as to read arbitrary files from the server. This allows high privilege users such as administrator to access any file on the web server...

4CVSS4.8AI score0.0157EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2021/08/23 12:15 p.m.16 views

Cross site scripting

The Maintenance WordPress plugin before 4.03 does not sanitise or escape some of its settings, allowing high privilege users such as admin to se Cross-Site Scripting payload in them even when the unfilteredhtml capability is disallowed, which will be triggered in the frontend...

3.5CVSS4.8AI score0.00617EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2021/08/23 12:15 p.m.19 views

Code injection

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page...

6.5CVSS8.6AI score0.01509EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2021/08/23 12:15 p.m.15 views

Design/Logic Flaw

The Erident Custom Login and Dashboard WordPress plugin before 3.5.9 did not properly sanitise its settings, allowing high privilege users to use XSS payloads in them even when the unfiletedhtml is disabled...

3.5CVSS4.7AI score0.00676EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2021/08/23 11:10 a.m.53 views

CVE-2021-24602

The CVE-2021-24602 entry refers to the HM Multiple Roles WordPress plugin (versions prior to 1.3) with a lack of access control that allows a low-privilege user to elevate themselves to Administrator via the profile page. This is a privilege-escalation vulnerability, with impact described as unau...

8.8CVSS8.7AI score0.01509EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2021/08/23 11:10 a.m.30 views

CVE-2021-24602 HM Multiple Roles < 1.3 - Arbitrary Role Change

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page...

8.9AI score0.01509EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2021/08/22 12:0 a.m.17 views

WP iCommerce <= 1.1.1 - Authenticated (contributor+) SQL Injection

The Orders functionality in the plugin has an orderid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors PoC GET...

7.2CVSS1.6AI score0.04648EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2021/08/16 11:15 a.m.29 views

CVE-2021-24363

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector...

4.9CVSS0.01893EPSS
Exploits2References1
Prion
Prion
added 2021/08/16 11:15 a.m.12 views

Cross site scripting

The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the 'Text Next to Icon' field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue...

3.5CVSS4.6AI score0.00613EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2021/08/16 11:15 a.m.22 views

Path traversal

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin before 1.5.75 did not ensure that uploaded files are kept inside its uploads folder, allowing high privilege users to put images/SVG anywhere in the filesystem via a path traversal vector...

4CVSS4.9AI score0.01893EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/08/16 10:48 a.m.14 views

CVE-2021-24518 WPFront Notification Bar < 2.0.0.07176 - Authenticated Stored XSS

The WPFront Notification Bar WordPress plugin before 2.0.0.07176 does not sanitise or escape its Custom CSS setting, allowing high privilege users such as admin to set XSS payload in it even when the unfilteredhtml capability is disallowed, leading to an authenticated Stored Cross-Site Scripting...

4.8AI score0.00695EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2021/08/11 12:0 a.m.21 views

Per Page Add to Head < 1.4.4 - CSRF to Stored XSS

The plugin is lacking any CSRF check when saving its settings, which could allow attackers to make a logged in admin change them. Furthermore, as the plugin allows arbitrary HTML to be inserted in one of the setting feature mentioned by the plugin, this could lead to Stored XSS issue which will b...

4.3CVSS2.1AI score0.00483EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2021/08/10 12:0 a.m.25 views

AddToAny Share Buttons < 1.7.48 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its Image URL button setting, which could lead allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Add the following payload in the Universal Button Image URL settings: " onerror=alert/XSS/ " The...

4.8CVSS1.4AI score0.00654EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2021/08/09 10:15 a.m.4 views

CVE-2021-24502

The WP Google Map WordPress plugin before 1.7.7 did not sanitise or escape the Map Title before outputting them in the page, leading to a Stored Cross-Site Scripting issue by high privilege users, even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.00668EPSS
Exploits2References2
OSV
OSV
added 2021/08/02 11:15 a.m.3 views

CVE-2021-24444

The TaxoPress – Create and Manage Taxonomies, Tags, Categories WordPress plugin before 3.0.7.2 does not sanitise its Taxonomy description field, allowing high privilege users to set JavaScript payload in them even when the unfilteredhtml capability is disallowed, leading to an authenticated Store...

4.8CVSS5.8AI score0.02315EPSS
Exploits5References2
OSV
OSV
added 2021/08/02 11:15 a.m.3 views

CVE-2021-24425

The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme – myStickymenu WordPress plugin before 2.5.2 does not sanitise or escape its Bar Text settings, allowing hight privilege users to use malicious JavaScript in it, leading to a Stored Cross-Site Scripting issue,...

4.8CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2021/08/02 11:15 a.m.15 views

Cross site scripting

The Any Hostname WordPress plugin through 1.0.6 does not sanitise or escape its "Allowed hosts" setting, leading to an authenticated stored XSS issue as high privilege users are able to set XSS payloads in it...

3.5CVSS4.6AI score0.00613EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2021/08/02 11:15 a.m.21 views

Cross site scripting

The User Registration & User Profile – Profile Builder WordPress plugin before 3.4.8 does not sanitise or escape its 'Modify default Redirect Delay timer' setting, allowing high privilege users to use JavaScript code in it, even when the unfilteredhtml capability is disallowed, leading to an...

3.5CVSS4.7AI score0.00613EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2021/08/02 12:0 a.m.10 views

VDZ Google Analytics or Google Tag Manager / GTM < 1.4.9 - Authenticated Stored XSS

The plugin does not properly sanitise or escape some of its settings, allowing high privilege users such as admin to perform XSS attacks even when the unfilteredhtml capability is disallowed PoC Put the following payloads in the Google Analytics ID settings of the plugin...

1.6AI score
Exploits0References2Affected Software1
Rows per page
Query Builder