8956 matches found
CVE-2021-24845
The CVE refers to the WordPress plugin Improved Include Page, version
WordPress plugin Improved Include Page 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress 插件安全漏洞
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress Page/Post Content Shortcode plugin in and prior versions is vulnerable to an authorization...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. ultimate NoFollow plugin is a WordPress open source application plugin. the WordPress Ultimate NoFollow plugin in version 1.4....
CVE-2021-24759
The PDF.js Viewer WordPress plugin before 2.0.2 does not escape some of its shortcode and Gutenberg Block attributes, which could allow users with a role as low as Contributor to to perform Cross-Site Scripting attacks...
Logo Carousel < 3.4.2 - Unauthorised Private Post Access
The plugin allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature 1 Go to Logo Carousel - Shortcode Generator. 2 If there is no carousel, create one. 3 Copy URL of the "Duplicate" link under the carouse...
CVE-2021-24851
The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to access content and metadata from arbitrary posts/pages regardless of their author and status ie private, using a shortcode. Password protected posts/pages are not affected by such issue...
Page/Post Content Shortcode <= 1.0 - Contributor+ Arbitrary Posts/Pages Access
The plugin does not have proper authorisation in place, allowing users with a role as low as contributor to access draft/private/password protected/trashed posts/pages they should not be allowed to, including posts created by other users such as admins and editors. As a contributor, add the...
Display Post Metadata < 1.5.0 - Contributor+ Stored Cross-Site Scripting
The plugin adds a shortcode to print out custom fields, however their content is not sanitised or escaped which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks PoC - Login as contributor+ - Create a custom field containing XSS payload eg. - Add this...
Display Post Metadata < 1.5.0 - Contributor+ Stored Cross-Site Scripting
The plugin adds a shortcode to print out custom fields, however their content is not sanitised or escaped which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks - Login as contributor+ - Create a custom field containing XSS payload eg. alert1 - Add this...
Improved Include Page <= 1.2 - Contributor+ Arbitrary Posts/Pages Access
The plugin allows passing shortcode attributes with posttype & poststatus which can be used to retrieve arbitrary content. This way, users with a role as low as Contributor can gain access to content they are not supposed to. PoC include-page allowtype="post" allowstatus="draft" id="131"...
Get Custom Field Values < 4.0.1 - Contributor+ Stored Cross-Site Scripting
The plugin does not escape custom fields before outputting them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks As a contributor, create a custom field in a post, with the following payload: alert1 Then add the following shortcode to...
Get Custom Field Values < 4.0.1 - Contributor+ Stored Cross-Site Scripting
The plugin does not escape custom fields before outputting them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks PoC As a contributor, create a custom field in a post, with the following payload: Then add the following shortcode to the...
CVE-2021-24669
The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loaderid parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection...
PDF.js Viewer < 2.0.2 - Contributor+ Stored Cross-Site Scripting
The plugin does not escape some of its shortcode and Gutenberg Block attributes, which could allow users with a role as low as Contributor to to perform Cross-Site Scripting attacks PoC pdfjs-viewer searchterm='" onload="alert/XSS/' pdfjs-viewer viewerwidth=0 viewerheight=800 url=undefined...
WordPress SQL注入漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The WordPress plugin is a WordPress open source application plugin. The WordPress plugin is vulnerable to SQL injection, which stems from the fact that The MAZ Loader plugin does not validate or...
Cost Calculator <= 1.4 - Contributor+ Local File Inclusion
The plugin allows users with a role as low as Contributor to perform path traversal and local PHP file inclusion on Windows Web Servers via the Cost Calculator post's Layout As a contributor, create a Cost Calculator post, set the Layout to /../../../../../../../../../../file assuming the file to...
CVE-2021-24682
The Cool Tag Cloud WordPress plugin before 2.26 does not escape the style attribute of the cooltagcloud shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...
CVE-2021-24699
The Easy Media Download WordPress plugin before 1.1.7 does not escape the text argument of its shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...
CVE-2021-24414
The Video Player for YouTube WordPress plugin before 1.4 does not sanitise or validate the parameters from its shortcode, allowing users with a role as low as contributor to set Cross-Site Scripting payload in them which will be triggered in the page/s with the embed malicious shortcode...