Lucene search
K

12 matches found

GithubExploit
GithubExploit
added 2024/06/19 6:7 p.m.658 views

Exploit for Improper Authentication in Elementor Website_Builder

CVE-2023-47504 POC Exploit for CVE-2023-47504. According to N...

9.8CVSS8.7AI score0.01452EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/01/08 7:0 p.m.18 views

CVE-2023-5235 Ovic Responsive WPBakery < 1.2.9 - Subscriber+ Option Update

The Ovic Responsive WPBakery WordPress plugin before 1.2.9 does not limit which options can be updated via some of its AJAX actions, which may allow attackers with a subscriber+ account to update blog options, such as 'userscanregister' and 'defaultrole'. It also unserializes user input in the...

7.3AI score0.0056EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/01/08 7:0 p.m.5 views

CVE-2023-6139 Essential Real Estate < 4.4.0 - Subscriber+ Denial of Service via Arbitrary Option Update

The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Denial of Service attacks...

6.3AI score0.00609EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/01/08 12:0 a.m.6 views

PT-2024-14888 · WordPress · Essential Real Estate

Name of the Vulnerable Software and Affected Versions: The Essential Real Estate WordPress plugin versions prior to 4.4.0 Description: The issue arises from the plugin not applying proper capability checks on its AJAX actions. This allows attackers with a subscriber account to conduct Stored XSS...

5.4CVSS5.2AI score0.00403EPSS
Exploits2References5
WPVulnDB
WPVulnDB
added 2023/12/18 12:0 a.m.17 views

Essential Real Estate < 4.4.0 - Subscriber+ Stored XSS

Description The plugin does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Stored XSS attacks. PoC 1. Login with a subscriber account, and visit https://vulnerable-site.tld/wp-admin/profile.php?action=delete...

5.4CVSS5.4AI score0.00403EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/12/05 12:0 a.m.75 views

Welcart e-Commerce < 2.8.5 - Subscriber+ Arbitrary File Access

The plugin does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server. Run the below command in the developer console of the we...

6.5CVSS0.00795EPSS
Exploits2
wpexploit
wpexploit
added 2022/06/02 12:0 a.m.105 views

HTML2WP <= 1.0.0 - Subscriber+ Arbitrary File Deletion

The plugin does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file To delete the license.txt at the root of the blog: await...

8.1CVSS0.4AI score0.00532EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.17 views

Filr - Secure Document Library < 1.2.2.1 - Subscriber+ AJAX Calls

The plugin does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload arbitrary HTML files as well as...

8.8CVSS0.01263EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/05/17 12:0 a.m.131 views

WP Athletics <= 1.1.7 - Subscriber+ Stored Cross-Site Scripting

The plugin does not sanitize parameters before storing them in the database, nor does it escape the values when outputting them back in the admin dashboard, leading to a Stored Cross-Site Scripting vulnerability. - Log on to the site using a subscriber account. - On the page the shortcode is...

5.4CVSS0.5AI score0.00571EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2020/02/06 12:0 a.m.6 views

Ultimate Membership Pro < 8.6.1 - Multiple Critical Vulnerabilities

Multiple Critical Vulnerabilities found in Ultimate Membership Pro could leads to Authenticated using a low privilege account, such as subscriber Remote Code Execution on default Installation, as well as PII disclosure such as emails, IP addresses, hashed passwords, usernames, User-Agent and so o...

8.1AI score
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2018/07/19 1:22 p.m.33 views

Critical Authentication Flaws in Cisco Policy Suite Patched

Cisco has patched four critical security vulnerabilities surrounding a lack of authentication requirements in its Policy Suite for mobile carriers. These would allow remote attackers to potentially exfiltrate information, compromise wireless subscriber account information, meddle with databases o...

10CVSS1.2AI score0.0379EPSS
Exploits0References15
seebug.org
seebug.org
added 2017/07/04 12:0 a.m.27 views

WP Statistics SQL Injection vulnerability

Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins, that is currently installed on over 300,000 websites. The SQL Injection vulnerability in WP Statistics could be exploited by attackers, with at least a subscriber...

8.2AI score
Exploits0
Rows per page
Query Builder