
2109 matches found

Prion
added 2023/01/23 3:15 p.m. · 22 views

Design/Logic Flaw

The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from...

CVSS 7.5 · AI score 9.5 · EPSS 0.36368
Exploits 12 · References 1 · Affected Software 1
Patchstack
added 2023/01/23 12:00 a.m. · 10 views

WordPress Corsa Theme <= 1.5 is vulnerable to Arbitrary File Upload

Software Corsa Type Theme Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Arbitrary File Upload CVE CVE-2023-23970 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 4cf947f86882 Credits Dave Jong Patchstack Required privilege...

CVSS 9.9 · AI score 6.6 · EPSS 0.00314
Exploits 0 · References 1 · Affected Software 1
wpexploit
added 2023/01/13 12:00 a.m. · 84 views

Materialis Companion < 1.3.40 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Required them...

CVSS 5.4 · AI score 1.5 · EPSS 0.00198
Exploits 2
OSV
added 2023/01/02 10:15 p.m. · 1 view

CVE-2022-4114

The Superio WordPress theme does not sanitise and escape some parameters, which could allow users with a role as low as a subscriber to perform Cross-Site Scripting attacks...

CVSS 5.4 · AI score 5.8 · EPSS 0.00181
Exploits 2 · References 2
NVD
added 2022/12/26 1:15 p.m. · 19 views

CVE-2022-4239

The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreapaddonsserviceremove action, allowing any user to delete any post by knowing or guessing the id...

CVSS 6.5 · EPSS 0.0019
Exploits 2 · References 1
Cvelist
added 2022/12/26 12:28 p.m. · 31 views

CVE-2022-4239 Workreap < 2.6.4 - Subscriber+ Arbitrary Posts Deletion via IDOR

The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreapaddonsserviceremove action, allowing any user to delete any post by knowing or guessing the id...

AI score 6.7 · EPSS 0.0019
Exploits 2 · References 1
Vulnrichment
added 2022/12/26 12:28 p.m. · 3 views

CVE-2022-4239 Workreap < 2.6.4 - Subscriber+ Arbitrary Posts Deletion via IDOR

The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreapaddonsserviceremove action, allowing any user to delete any post by knowing or guessing the id...

AI score 6.5 · EPSS 0.0019
Exploits 2 · References 1
wpexploit
added 2022/12/20 12:00 a.m. · 170 views

Mesmerize Companion < 1.6.135 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Required them...

CVSS 5.4 · AI score 0.2 · EPSS 0.00296
Exploits 2
Prion
added 2022/12/12 6:15 p.m. · 19 views

Design/Logic Flaw

The Listingo WordPress theme before 3.2.7 does not validate files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files and lead to RCE...

CVSS 7.5 · AI score 9.5 · EPSS 0.07847
Exploits 2 · References 1 · Affected Software 1
CVE
added 2022/12/12 5:57 p.m. · 53 views

CVE-2022-3921

CVE-2022-3921 affects the Listingo WordPress theme prior to version 3.2.7. The vulnerability arises because an AJAX upload action is accessible to unauthenticated users and does not validate uploaded files, permitting arbitrary file uploads and potentially remote code execution (RCE). Public writ...

CVSS 9.8 · AI score 9.7 · EPSS 0.07847
Exploits 2 · References 1 · Affected Software 1
Vulnrichment
added 2022/12/05 4:51 p.m. · 5 views

CVE-2022-3846 Workreap - Freelance Marketplace and Directory < 2.6.3 - Subscriber+ Private Message Disclosure via IDOR

The Workreap WordPress theme before 2.6.3 has a vulnerability with the notifications feature as it's possible to read any user's notification employer or freelancer as the notification ID is brute-forceable...

AI score 6.7 · EPSS 0.00751
Exploits 2 · References 1
CNNVD
added 2022/12/05 12:00 a.m. · 2 views

WordPress theme Workreap security vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress theme Workreap versions prior to 2.6.3. An...

CVSS 7.5 · AI score 7.4 · EPSS 0.00751
Exploits 2 · References 2
CNNVD
added 2022/11/28 12:00 a.m. · 2 views

WordPress theme Download Theme and plugin translation for Polylang security vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress theme Download Theme and plugin translation for Polylang...

CVSS 6.5 · AI score 5.8 · EPSS 0.0054
Exploits 0 · References 3
OSV
added 2022/11/18 11:15 p.m. · 2 views

CVE-2022-41788

Auth. subscriber+ Cross-Site Scripting XSS vulnerability in Soledad premium theme = 8.2.5 on WordPress...

CVSS 5.4 · AI score 5.8
Exploits 0 · References 2
Tenable Nessus
added 2022/11/16 12:00 a.m. · 10 views

Debian DSA-5279-1 : wordpress - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5279 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. The...

AI score 5.6
Exploits 0 · References 4
OSV
added 2022/10/31 4:15 p.m. · 1 view

CVE-2022-2167

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...

CVSS 6.1 · AI score 5.8
Exploits 0 · References 1
NVD
added 2022/10/31 4:15 p.m. · 38 views

CVE-2022-2627

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...

CVSS 6.1 · EPSS 0.22099
Exploits 2 · References 1
OSV
added 2022/10/31 4:15 p.m. · 2 views

CVE-2022-2627

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...

CVSS 6.1 · AI score 5.8
Exploits 0 · References 1
Positive Technologies
added 2022/10/31 12:00 a.m. · 4 views

PT-2022-15023 · WordPress · Newspaper

Name of the Vulnerable Software and Affected Versions: Newspaper WordPress theme versions prior to 12 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitized before being outputted back in an HTML attribute via an AJAX...

CVSS 6.1 · AI score 6 · EPSS 0.00496
Exploits 2 · References 4
Cvelist
added 2022/10/31 12:00 a.m. · 14 views

CVE-2022-2167 Newspaper < 12 - Reflected Cross-Site Scripting

The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting...

AI score 6.2 · EPSS 0.00496
Exploits 2 · References 1