WordPress easy.jobs plugin < 2.4.7 - Subscriber+ Arbitrary Settings Update vulnerability
Subscriber+ Arbitrary Settings Update vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin EasyJobs versions 2.4.7...
WordPress Ultimate YouTube Video & Shorts Player With Vimeo plugin <= 3.3 - Missing Authorization to Authenticated (Subscriber+) Setting Exposure vulnerability
Missing Authorization to Authenticated Subscriber+ Setting Exposure vulnerability discovered by Mika in WordPress Plugin Ultimate YouTube Video & Shorts Player With Vimeo versions = 3.3...
Files Download Delay < 1.0.7 - Subscriber+ Settings Reset
The plugin does not have authorisation and CSRF checks when resetting its settings, which could allow any authenticated user, such as a subscriber, to perform this action. https://example.com/wp-admin/admin-ajax.php?action=ddlayrestoredefaults...
CVE-2021-24971 WP Responsive Menu < 3.1.7.1 - Subscriber+ Settings Update to Stored XSS
The WP Responsive Menu WordPress plugin before 3.1.7.1 does not have capability and CSRF checks in the wprliveupdate AJAX action, and does not sanitise and escape some of the submitted data. As a result, any authenticated user, such as a subscriber, could update the plugin's settings and perform...
WordPress WP Responsive Menu plugin <= 3.1.7 - Subscriber+ Settings Update to Stored Cross-Site (XSS)
Subscriber+ Settings Update to Stored Cross-Site Scripting (XSS) discovered by Krzysztof Zając in WordPress WP Responsive Menu plugin versions = 3.1.7. Solution: update the WordPress WP Responsive Menu plugin to the latest available version, at least 3.1.7.1...
WP Responsive Menu < 3.1.7.1 - Subscriber+ Settings Update to Stored XSS
The plugin does not have capability and CSRF checks in the wprliveupdate AJAX action, and does not sanitise and escape some of the submitted data. As a result, any authenticated user, such as a subscriber, could update the plugin's settings and perform Cross-Site Scripting attacks against all visito...
PPOM for WooCommerce < 24.0 - Subscriber+ Settings Update to Stored XSS
The plugin does not have authorisation and CSRF checks in the ppomsettingspanelaction AJAX action, allowing any authenticated user to call it and set arbitrary settings. Furthermore, due to the lack of sanitisation and escaping, this could lead to Stored XSS issues. 1. Use the new settings panel framewor...
Ibtana < 1.1.4.9 - Subscriber+ Settings Update to Stored XSS
The plugin does not have authorisation and CSRF checks in the ivesavegeneralsettings AJAX action, allowing any authenticated user, such as a subscriber, to call it and change the plugin's settings, which could lead to a Stored Cross-Site Scripting issue. Note: v1.1.4.7 added CSRF check, authorisation...
WordPress Popup Builder Cross-Site Scripting Vulnerability
WordPress Popup Builder is an open source WordPress application for increasing conversions and driving sales while achieving marketing goals. Popup Builder suffers from a cross-site scripting vulnerability, which stems from all subscriber settings pages being vulnerable to cross-site scripting...