554 matches found
CVE-2024-0673
The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...
WordPress Plugin CM Download Manager Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2024-1508 Prime Slider – Addons For Elementor <= 3.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Mercury Widget
The Prime Slider – Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'settings['title_tags']' attribute of the Mercury widget in all versions up to, and including, 3.13.2 due to insufficient input sanitization and output escaping. This makes it possible f...
PT-2024-17551
Name of the Vulnerable Software and Affected Versions Exclusive Addons for Elementor versions through 2.6.9 Description The Exclusive Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the data attribute. This is due to insufficient input sanitization...
CVE-2024-1978
The Friends plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.5 via the discover_available_feeds function. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary...
PT-2024-15248 · WordPress · Login As User/Customer
Name of the Vulnerable Software and Affected Versions: Login as User or Customer WordPress plugin versions 3.8 and earlier Description: The issue allows users to log in as any other user on the site, potentially leading to complete administrator account takeover. It is crucial to keep WordPress...
CVE-2023-3372 Lana Shortcodes < 1.2.0 - Contributor+ Stored XSS
The Lana Shortcodes WordPress plugin before 1.2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which allows users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2021-24559 Qyrr < 0.7 - Authenticated (contributor+) Stored XSS
The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the data_uri_to_meta AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce...
CVE-2023-6582
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.3 via the ekit_widgetarea_content function. This makes it possible for unauthenticated attackers to obtain contents of posts in draft, private or pending...
Simple Tweet <= 1.4.0.2 - Admin+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup...
PT-2023-24570 · WordPress · Read More & Accordion
Name of the Vulnerable Software and Affected Versions: Read More & Accordion WordPress plugin versions prior to 3.2.7 Description: The issue allows high-privilege users, such as admins, to perform PHP Object Injection when a suitable gadget is present, due to the unserialize of user input provide...
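The PHP Object Injection entry above turns on one call: passing user-supplied data to unserialize(). The following is an added illustration written for this listing, not code from the Read More & Accordion plugin; the settings-import functions, the Demo_Log_Writer gadget class and the setting names are hypothetical.

```php
<?php
// Added example (hypothetical plugin code). Shows why unserialize() on user
// input is an object-injection sink even for admin-only features, and two
// ways to close it.

// A gadget: any autoloadable class with a magic method becomes reachable the
// moment attacker-controlled bytes reach unserialize(). __destruct runs when
// the reconstructed object goes out of scope, without any call by the plugin.
class Demo_Log_Writer {
    public $path;
    public $data;
    public function __destruct() {
        // A real gadget would write a file, include one, or hit the DB.
        // Kept benign here so the example is safe to run.
        error_log( 'Demo_Log_Writer would write to ' . $this->path );
    }
}

// VULNERABLE: a settings import that round-trips through unserialize().
// Input such as O:15:"Demo_Log_Writer":2:{...} instantiates the gadget.
function demo_import_settings_vulnerable( $raw ) {
    $settings = unserialize( $raw );
    return is_array( $settings ) ? $settings : array();
}

// HARDENED, option 1: keep the serialized format but forbid class
// instantiation. Serialized objects come back as __PHP_Incomplete_Class,
// which has no magic methods, so no gadget code runs.
function demo_import_settings_no_classes( $raw ) {
    $settings = unserialize( $raw, array( 'allowed_classes' => false ) );
    return is_array( $settings ) ? $settings : array();
}

// HARDENED, option 2 (preferable for new code): a data-only format plus an
// allow-list of keys and per-key type coercion, so nothing unexpected is kept.
function demo_import_settings_json( $raw ) {
    $settings = json_decode( $raw, true );
    if ( ! is_array( $settings ) ) {
        return array();
    }
    $clean = array();
    if ( array_key_exists( 'title', $settings ) ) {
        $clean['title'] = sanitize_text_field( (string) $settings['title'] );
    }
    if ( array_key_exists( 'open_by_default', $settings ) ) {
        $clean['open_by_default'] = (bool) $settings['open_by_default'];
    }
    return $clean;
}
```

Note that an admin-only import path still needs the fix: the "high-privilege users such as admins" wording in the entry reflects that multisite and hardened installs deliberately deny even administrators the ability to execute arbitrary PHP, and a reachable unserialize() with a suitable gadget hands that back.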
PT-2023-28628 · WordPress · Wp Matterport Shortcode
Name of the Vulnerable Software and Affected Versions: WP Matterport Shortcode WordPress plugin versions prior to 2.1.8 Description: The issue is related to the WP Matterport Shortcode WordPress plugin, which does not validate and escape some of its shortcode attributes before outputting them bac...
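The Lana Shortcodes and WP Matterport Shortcode entries describe the same defect: a shortcode attribute a Contributor controls is printed into page HTML unchanged. The following is an added example for this listing, not code from either plugin; the [demo_embed] shortcode, its attribute names and the handler functions are hypothetical.

```php
<?php
// Added example (hypothetical plugin code). Contributors cannot publish raw
// HTML, but they can place shortcodes in a post; if the handler echoes an
// attribute back without validation and escaping, the attribute value is the
// Contributor's HTML, and it runs for every viewer, including the admin who
// reviews the pending post.

// VULNERABLE: both attributes go straight into markup. A value for 'url'
// that contains a double quote closes the src attribute and the rest of the
// value is interpreted as further attributes (event handlers included).
function demo_embed_shortcode_vulnerable( $atts ) {
    $atts = shortcode_atts( array( 'url' => '', 'width' => '100%' ), $atts, 'demo_embed' );
    return '<iframe src="' . $atts['url'] . '" width="' . $atts['width'] . '"></iframe>';
}

// HARDENED: validate each value against what it is supposed to be, then
// escape for the exact output context it lands in.
function demo_embed_shortcode_fixed( $atts ) {
    $atts = shortcode_atts( array( 'url' => '', 'width' => '100%' ), $atts, 'demo_embed' );

    // Validation: only http(s) URLs are acceptable for an iframe src.
    // esc_url() returns '' for any other scheme (javascript:, data:, ...).
    $url = esc_url( $atts['url'], array( 'http', 'https' ) );
    if ( '' === $url ) {
        return '';
    }

    // Validation: width must be digits with an optional % or px unit.
    $width = preg_match( '/^\d{1,4}(%|px)?$/', $atts['width'] ) ? $atts['width'] : '100%';

    // Escaping: esc_url() has already produced an attribute-safe string;
    // esc_attr() covers the width attribute.
    return sprintf( '<iframe src="%s" width="%s"></iframe>', $url, esc_attr( $width ) );
}

add_shortcode( 'demo_embed', 'demo_embed_shortcode_fixed' );
```

The same two-step rule (validate the type, escape for the context) is what the "does not sanitise and escape some of its settings" entries elsewhere in this list are missing on the settings page instead of in a shortcode; the reason those count even for admins is that on multisite, or wherever DISALLOW_UNFILTERED_HTML is set, administrators are not granted unfiltered_html, so a plugin that stores and echoes raw markup re-grants a capability the site owner removed.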
CVE-2023-4915 WP User Control <= 1.5.3 - Insecure Password Reset Mechanism
The WP User Control plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 1.5.3. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function in the WP User Control Widget. The functi...
PT-2023-31069 · WordPress · Wp User Control
Name of the Vulnerable Software and Affected Versions: WP User Control plugin for WordPress versions up to, and including 1.5.3 Description: The issue arises from the plugin's use of native password reset functionality with insufficient validation on the password reset function in the WP User...
PT-2023-12529 · WordPress · The Forminator Forms
Name of the Vulnerable Software and Affected Versions: The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress versions up to, and including, 1.13.4 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the...
CVE-2023-2812 Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS
The Ultimate Dashboard WordPress plugin before 3.7.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in a multisite setup...
CVE-2020-36701
The Page Builder: KingComposer plugin for WordPress is vulnerable to Arbitrary File Uploads in versions up to, and including, 2.9.3 via the 'process_bulk_action' function in the 'kingcomposer/includes/kc.extensions.php' file. This makes it possible for authenticated users with author level...
WordPress Plugin Wordable Improper Access Control Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
PT-2023-15322 · WordPress · Viadat Creations Store Locator For Wordpress With Google Maps – Lotsoflocales
Name of the Vulnerable Software and Affected Versions: Viadat Creations Store Locator for WordPress with Google Maps – LotsOfLocales plugin versions = 3.98.7 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This means an attacker can trick a user into performing unintend...
CVE-2023-0498 WP Education < 1.2.7 - Arbitrary Plugin Activation via CSRF
The WP Education WordPress plugin before 1.2.7 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
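The Forminator, Store Locator and WP Education entries are all the same missing check: a state-changing admin action that never verifies a nonce, so a logged-in admin's browser can be made to fire it from an attacker's page. The following is an added example for this listing, not code from any of those plugins; the demo_activate query parameter, the hook functions and the nonce action name are hypothetical.

```php
<?php
// Added example (hypothetical plugin code). A plugin-activation endpoint on
// admin_init, first without and then with the checks WordPress expects.

// VULNERABLE: any request carrying ?demo_activate=<plugin-file> that the
// admin's browser sends (an <img>, a hidden form auto-submitted from another
// site) activates that plugin, because the browser attaches the admin's
// cookies and nothing ties the request to an action the admin chose.
function demo_activate_plugin_vulnerable() {
    if ( isset( $_GET['demo_activate'] ) ) {
        activate_plugin( wp_unslash( $_GET['demo_activate'] ) );
    }
}

// HARDENED: (1) the caller must hold the capability, (2) the request must
// carry a nonce bound to this specific action and target, and (3) the target
// must be a plugin that is actually installed.
function demo_activate_plugin_fixed() {
    if ( ! isset( $_GET['demo_activate'] ) ) {
        return;
    }
    if ( ! current_user_can( 'activate_plugins' ) ) {
        wp_die( 'Insufficient privileges.', 403 );
    }

    $plugin = sanitize_text_field( wp_unslash( $_GET['demo_activate'] ) );

    // check_admin_referer() terminates the request unless _wpnonce was issued
    // for 'demo_activate_<plugin>' to the current user (nonces are per user
    // and expire, so a forged cross-site request cannot supply one).
    check_admin_referer( 'demo_activate_' . $plugin );

    // get_plugins() and activate_plugin() live in wp-admin/includes/plugin.php,
    // which is loaded in the admin context where admin_init runs.
    if ( ! array_key_exists( $plugin, get_plugins() ) ) {
        wp_die( 'Unknown plugin.', 400 );
    }
    $result = activate_plugin( $plugin );
    if ( is_wp_error( $result ) ) {
        wp_die( esc_html( $result->get_error_message() ) );
    }
}
add_action( 'admin_init', 'demo_activate_plugin_fixed' );

// The legitimate link the plugin renders must carry the matching nonce.
function demo_activate_link( $plugin ) {
    return wp_nonce_url(
        add_query_arg( 'demo_activate', $plugin, admin_url( 'plugins.php' ) ),
        'demo_activate_' . $plugin
    );
}
```

Two points a reviewer checks here: a nonce is not a substitute for the capability test (a Subscriber can obtain a nonce for an action they are allowed to request, so the nonce alone proves intent, not authorization), and the nonce action string should include the target so a nonce minted for one plugin cannot be replayed against another.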