ShopLentor < 2.8.9 - Authenticated Option Update
Description: The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function. This makes it possible for authenticated attackers, with contributor-level access and above, to set arbitrary WordPress options to "true". NOTE: This...
WordPress Admin Page Spider Plugin <= 3.31 is vulnerable to Cross Site Scripting (XSS)
Software: Admin Page Spider | Type: Plugin | Vulnerable versions: <= 3.31 | Fixed in: 3.32 | OWASP Top 10: A7: Cross-Site Scripting (XSS) | Classification: Cross Site Scripting (XSS) | CVE: CVE-2024-2401 | Patch priority: Low | CVSS severity: Low (5.9) | PSID: 19b13ecee07e | Credits: Dikshita Trivedi...
WordPress Admin Bar Editor Plugin <= 1.0.2.2 is vulnerable to Broken Access Control
Software: Admin Bar Editor | Type: Plugin | Vulnerable versions: <= 1.0.2.2 | Fixed in: 1.0.23 | OWASP Top 10: A5: Broken Access Control | Classification: Broken Access Control | CVE: CVE-2024-1716 | Patch priority: Low | CVSS severity: Low (4.3) | PSID: 919c0767c3fa | Credits: Lucio Sá | Required privileg...
Top Bar < 3.0.5 - Admin+ Stored XSS
Description: The plugin does not sanitise and escape some of its settings, which could allow high-privilege users such as admins to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in a multisite setup).
1. Go to "Top Bar" in WP Admin
2. Save...
WordPress Admin Bar & Dashboard Access Control Plugin <= 1.2.8 is vulnerable to Cross Site Scripting (XSS)
Software: Admin Bar & Dashboard Access Control | Type: Plugin | Vulnerable versions: <= 1.2.8 | Fixed in: 1.2.9 | OWASP Top 10: A3: Injection | Classification: Cross Site Scripting (XSS) | CVE: CVE-2023-47184 | Patch priority: Low | CVSS severity: Low (5.9) | PSID: 7931d5b9940f | Credits: Rachit Arora...
WordPress Admin and Site Enhancements (ASE) Plugin <= 5.7.1 is vulnerable to Bypass Vulnerability
Software: Admin and Site Enhancements (ASE) | Type: Plugin | Vulnerable versions: <= 5.7.1 | Fixed in: 5.8.0 | OWASP Top 10: A1: Broken Access Control | Classification: Bypass Vulnerability | CVE: CVE-2023-46630 | Patch priority: Low | CVSS severity: Low (7.5) | PSID: 924c1b7a64df | Credits: Khalid Yusuf...
CVE-2023-3604
The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login page when accessing a crafted URL, bypassing the protection offered...
Cross site scripting
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2023 does not sanitise and escape various parameters before outputting them back in admin dashboard pages, leading to a Reflected Cross-Site Scripting (XSS) which could be used against high-privilege users such as ad...
WordPress Admin CSS MU Plugin <= 2.6 is vulnerable to Server Side Request Forgery (SSRF)
Software: Admin CSS MU | Type: Plugin | Vulnerable versions: <= 2.6 | Fixed in: 2.7 | OWASP Top 10: A1: Injection | Classification: Server Side Request Forgery (SSRF) | CVE: CVE-2022-40700 | Patch priority: Low | CVSS severity: Low (8.2) | PSID: f8576e8732f6 | Credits: Dave Jong (Patchstack) | Required privile...
The vulnerability in the implementation of the wp-admin/post.php script of the Easy Testimonials plugin for WordPress content management systems allows attackers to perform cross-site scripting attacks.
The vulnerability of the wp-admin/post.php script of the Easy Testimonials plugin for WordPress content management systems exists because no measures are taken to protect the structure of web pages when processing parameters such as Client Name, Position, Web Address, Other, Location Reviewed,...
WordPress plugin WP Edit Menu Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language; the platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
Directorist - Business Directory Plugin < 7.2.3 - Admin+ Arbitrary File Upload
The plugin allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run code on the server, which is a problem in multisite configurations.
1. Craft a custom zip file...
CVE-2022-0161
The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting (XSS)...
CVE-2021-24522
The User Registration, User Profile, Login & Membership – ProfilePress Formerly WP User Avatar WordPress plugin before 3.1.11's widget for tabbed login/register was not properly escaped and could be used in an XSS attack which could lead to wp-admin access. Further, the plugin in several places...
Visitors <= 0.3 - Unauthenticated Stored Cross-Site Scripting (XSS)
The plugin is affected by an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. The plugin would display the user's user agent string without validation or encoding within the WordPress admin panel.
$ curl -i http://localhost:10008/ --user-agent "alert1"
The payload will be executed o...
CVE-2020-35582
A stored cross-site scripting (XSS) issue in Envira Gallery Lite before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML code via a POST /wp-admin/post.php request with the post_title parameter...
WordPress Page Builder Plugin Bugs Threaten 1 Million Sites with Full Takeover
Page Builder by SiteOrigin, a WordPress plugin with a million active installs that's used to build websites via a drag-and-drop function, harbors two flaws that can allow full site takeover. According to researchers at WordPress, both security bugs can lead to cross-site request forgery (CSRF) and...
PT-2019-13837 · WordPress · Wp Google Maps
Name of the Vulnerable Software and Affected Versions: WP Google Maps plugin versions prior to 7.11.35
Description: The issue allows for XSS attacks via the "wp-admin/" endpoint, specifically through the rectangle name or rectangle opacity parameters.
Recommendations: For versions prior to 7.11.3...
Appointment Hour Booking <= 1.1.45 - Stored Cross-Site Scripting (XSS)
It is possible for an unauthenticated user to inject malicious JavaScript into a booking form, which will then be executed when an authenticated user views the booking in the WordPress admin interface.
PoC:
POST /booking-form/ HTTP/1.1
Host: test.local
User-Agent: Mozilla/5.0 Macintosh; Intel Mac ...
Custom 404 Pro < 3.2.9 - Authenticated Reflected XSS
The Custom 404 Pro WordPress plugin was affected by an Authenticated Reflected XSS security vulnerability. Version...