WordPress Google Maps v3 Shortcode Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Google Maps v3 Shortcode Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23827 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6111df9930d9 Credits István Márton...

Google Maps v3 Shortcode <= 1.2.1 - Contributor+ XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

Simple PDF Viewer <= 1.9 - Contributor+ XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

Campaign URL Builder < 1.8.2 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks The shortcode need to be active can be done...

Campaign URL Builder < 1.8.2 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC The shortcode need to be active can be...

WoodMart < 7.1.2 - Unauthenticated Arbitrary Shortcode Injection

The theme could allow arbitrary shortcode to be injected when the "Display results from blog" settings is enabled, which could lead to Reflected XSS for example, when using a shortcode vulnerable to XSS When the "Display results from blog" settings is enabled:...

WoodMart < 7.1.2 - Unauthenticated Arbitrary Shortcode Injection

The theme could allow arbitrary shortcode to be injected when the "Display results from blog" settings is enabled, which could lead to Reflected XSS for example, when using a shortcode vulnerable to XSS PoC When the "Display results from blog" settings is enabled:...

Wordfence Adds Two Factor Auth for WooCommerce Customers

Wordfence 7.9.0 has been released and it includes a very exciting feature for WooCommerce sites and other WordPress sites wanting to make two factor authentication 2fa available to their site users or members. Wordfence 7.9.0 now lets you give your users the ability to configure 2fa on their...

WordPress Eyes Only: User Access Shortcode Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Eyes Only: User Access Shortcode Type Plugin Vulnerable versions = 1.8.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25786 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a492ed1c72d5 Credits Rio...

CVE-2023-0814

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable to sensitive information disclosure via the usermeta shortcode in versions up to, and including 3.9.0. This is due to insufficient restriction on sensitive user meta values that can be called via that...

Ocean Extra < 2.1.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks Note: This requires the OceanWP theme to be...

Client Logo Carousel <= 3.0.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Note: 1. First, you need to add a...

Popup Builder by OptinMonster < 2.12.2 - Subscriber+ Arbitrary Post Content Disclosure

The plugin does not ensure that the campaign to be loaded via some shortcodes is actually a campaign, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, like draft, private or even password protected ones. PoC Run one of the below commands in the...

CVE-2023-0362

Themify Portfolio Post WordPress plugin before 1.2.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-0275

The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2023-0270

The YaMaps for WordPress Plugin WordPress plugin before 0.6.26 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

CVE-2023-0220

The Pinpoint Booking System WordPress plugin before 2.9.9.2.9 does not validate and escape one of its shortcode attributes before using it in a SQL statement, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks...

CVE-2023-0333

The TemplatesNext ToolKit WordPress plugin before 3.2.9 does not validate some of its shortcode attributes before using them to generate an HTML tag, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-0177

The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2023-0060

The Responsive Gallery Grid WordPress plugin before 2.3.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attac...