15 matches found

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2021-11108

Malware in sbrugna...

CVSS 8.8 | AI score 8.7 | EPSS 0.00603
Exploits: 2 | References: 2

Packet Storm
added 2025/04/11 12:00 a.m. | 310 views

📄 Anant Addons for Elementor 1.1.5 CSRF / Arbitrary Plugin Installation

Proof of concept for a cross-site request forgery in Anant Addons for Elementor versions 1.1.5 and below that allows arbitrary plugin installation.

CVSS 9.6 | AI score 9 | EPSS 0.00474
Exploits: 1

CNNVD
added 2024/12/31 12:00 a.m. | 4 views

WordPress plugin Hunk Companion security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability in...

CVSS 9.8 | AI score 9.4 | EPSS 0.9188
Exploits: 5 | References: 2

OSV
added 2023/06/27 2:15 p.m. | 0 views

CVE-2023-2877

The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-ons. This allows a user with a role as low as Subscriber to install and activate arbitrary plugins of arbitrary versions from the...

CVSS 8.8 | AI score 5.9
Exploits: 0 | References: 1

Prion
added 2021/09/02 5:15 p.m. | 13 views

Authorization

The Gutenberg Template Library & Redux Framework plugin <= 4.2.11 for WordPress used an incorrect authorization check in the REST API endpoints registered under the “redux/v1/templates/” REST Route in “redux-templates/classes/class-api.php”. The permissions_callback used in this file only checked f...

CVSS 4 | AI score 6.5 | EPSS 0.00136
Exploits: 2 | References: 1 | Affected Software: 1

OSV
added 2021/05/14 12:15 p.m. | 2 views

CVE-2021-24192

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9 to install any plugin, including a specific version, from the WordPress repository, as well as activate arbitrary plugins from the blog, which helps attackers install...

CVSS 8.8 | AI score 7.4 | EPSS 0.00603
Exploits: 2 | References: 1

NVD
added 2021/05/14 12:15 p.m. | 10 views

CVE-2021-24192

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Tree Sitemap WordPress plugin before 2.9 to install any plugin, including a specific version, from the WordPress repository, as well as activate arbitrary plugins from the blog, which helps attackers install...

CVSS 8.8 | EPSS 0.00603
Exploits: 2 | References: 1

NVD
added 2021/05/14 12:15 p.m. | 12 views

CVE-2021-24190

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2 to install any plugin, including a specific version, from the WordPress repository, as well as activate arbitrary plugins from the blog,...

CVSS 8.8 | EPSS 0.00603
Exploits: 2 | References: 1

NVD
added 2021/05/14 12:15 p.m. | 14 views

CVE-2021-24191

Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Maintenance Mode & Site Under Construction WordPress plugin before 1.8.2 to install any plugin, including a specific version, from the WordPress repository, as well as activate arbitrary plugins from the blo...

CVSS 8.8 | EPSS 0.00603
Exploits: 2 | References: 1

Prion
added 2021/05/14 12:15 p.m. | 14 views

Design/Logic Flaw

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, low level users, such as subscribers, could use the import_from_debug AJAX action to install any plugin from the WordPress repository...

CVSS 4 | AI score 6.4 | EPSS 0.00256
Exploits: 2 | References: 2 | Affected Software: 1

CNNVD
added 2021/05/14 12:00 a.m. | 4 views

WordPress plugin WP Maintenance Mode & Site Under Construction security vulnerability

WordPress is the WordPress Foundation's blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress Plugin is a WordPress open source application plugin. An authorization issue vulnerability exists in versions o...

CVSS 8.8 | AI score 5.8 | EPSS 0.00603
Exploits: 2 | References: 2

WPVulnDB
added 2021/04/22 12:00 a.m. | 31 views

Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via Low Privilege User

Low privileged users could use the AJAX action "cp_plugins_do_button_job_later_callback" from multiple plugins of the WP-Buy vendor to install any plugin, including a specific version, from the WordPress repository, which helps attackers install vulnerable plugins and could lead to more critical...

CVSS 6.5 | AI score 2.3 | EPSS 0.00659
Exploits: 9 | References: 1 | Affected Software: 8

WPVulnDB
added 2021/04/20 12:00 a.m. | 20 views

Redirection for Contact Form 7 < 2.3.4 - Authenticated Arbitrary Plugin Installation

In the plugin, low level users, such as subscribers, could use the import_from_debug AJAX action to install any plugin from the WordPress repository.

CVSS 4 | AI score 2.4 | EPSS 0.00256
Exploits: 2 | References: 1 | Affected Software: 1

WPVulnDB
added 2021/04/08 12:00 a.m. | 23 views

Imagements <= 1.2.5 - Unauthenticated Arbitrary File Upload to RCE

The Imagements WordPress plugin, versions <= 1.2.5, allowed images to be uploaded in comments but validated them only by the Content-Type HTTP header, which can be tampered with. This allows unauthenticated attackers to upload arbitrary files by using a valid image Content-Type head...

CVSS 7.5 | AI score 3.9 | EPSS 0.74128
Exploits: 2 | References: 1 | Affected Software: 1

Patchstack
added 2021/02/15 12:00 a.m. | 7 views

WordPress Teaser Maker plugin <= 0.1.114 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting (XSS) vulnerability found by WPScan security research team in WordPress Teaser Maker plugin versions <= 0.1.114. Solution: 2020-02-15 - we were unable to find a patched version of this plugin. Notice from WordPress plugin repository: "This plugin has been closed as of January 14,...

AI score 1.5
Exploits: 0 | References: 2 | Affected Software: 1