266325 matches found
CVE-2026-11579
The CVE concerns the Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin, affected versions prior to 2.4.17. The vulnerability arises because the plugin does not verify that a file upload is initiated against an existing form configured with a file-upload field. As a result, unauth...
CVE-2026-11580
The CVE-2026-11580 entry concerns the Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin, affected up to version 2.4.17. The vulnerability arises because the post-duplication AJAX action does not perform a per-object capability check, enabling users with Contributor-level access o...
CVE-2026-13001
Affected software : Podlove Podcast Publisher for WordPress. Vulnerability : arbitrary file uploads caused by missing file type validation in the podlove_handle_cache_files function, affecting all versions up to and including 4.5.1. Impact : unauthenticated attackers could upload arbitrary files ...
WordPress NewStatPress 0.9.8 - SQL Injection
WordPress NewStatPress 0.9.8 plugin contains a SQL injection vulnerability in includes/nspsearch.php. A remote authenticated user can execute arbitrary SQL commands via the where1 parameter in the nspsearch page to wp-admin/admin.php. id: CVE-2015-4062 info: name: WordPress NewStatPress 0.9.8 - S...
WordPress Permalink Manager <2.2.15 - Cross-Site Scripting
WordPress Permalink Manager Lite and Pro plugins before 2.2.15 contain a reflected cross-site scripting vulnerability. They do not sanitize and escape query parameters before outputting them back in the debug page. id: CVE-2022-0201 info: name: WordPress Permalink Manager 2.2.15 - Cross-Site...
WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting
WordPress W3 Total Cache plugin before 2.1.4 is susceptible to cross-site scripting within the extension parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This can allow an attacker to convince an authenticated admin into clicking a link to run...
WordPress Church Admin <0.810 - Cross-Site Scripting
WordPress Church Admin plugin before 0.810 allows remote attackers to inject arbitrary web script or HTML via the address parameter via index.php/2015/05/21/churchadmin-registration-form/. id: CVE-2015-4127 info: name: WordPress Church Admin 0.810 - Cross-Site Scripting author: daffainfo severity...
Shortcode Ninja <= 1.4 - Cross-Site Scripting
A cross-site scripting vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter. id: CVE-2014-4550 info: name: Shortcode Ninja = 1.4 - Cross-Site Scripting...
Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload
The plugin does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE. id: CVE-2023-4666 info: name: Form-Maker 1.15.20 - Unauthenticated Arbitrary File Upload author: pussycat0x severity: critical...
WordPress Core - Post Author Email Disclosure
WordPress Core is vulnerable to Sensitive Information Exposure in versions between 4.7.0 and 6.3.1 via the User REST endpoint. While the search results do not display user email addresses unless the requesting user has the 'listusers' capability, the search is applied to the useremail column. id:...
WordPress Popup Builder <= 4.2.3 - Unauthenticated Stored XSS
The Popup Builder WordPress plugin before 4.2.3 does not prevent simple visitors from updating existing popups, and injecting raw JavaScript in them, which could lead to Stored XSS attacks. id: CVE-2023-6000 info: name: WordPress Popup Builder = 4.2.3 - Unauthenticated Stored XSS author: riteshs4...
WordPress WPB Show Core <= 2.2 - Server-Side Request Forgery
The WPB Show Core WordPress plugin through version 2.2 is vulnerable to Server-Side Request Forgery SSRF via the 'path' parameter in the download-file.php script. This vulnerability allows unauthenticated attackers to make the server perform requests to arbitrary URLs. id: CVE-2023-5974 info: nam...
Woo Bulk Price Update <2.2.2 - Cross-Site Scripting
The Woo Bulk Price Update WordPress plugin, in versions 2.2.2, is affected by a reflected cross-site scripting vulnerability in the 'page' parameter to the technogetproducts action, which can only be triggered by an authenticated user. id: CVE-2023-28665 info: name: Woo Bulk Price Update 2.2.2 -...
tagDiv Composer < 4.2 - Stored Cross-Site Scripting
tagDiv Composer plugin versions before 4.2 for WordPress are vulnerable to unauthenticated stored XSS via the /wp-json/tdw/savecss endpoint. An attacker can inject malicious JavaScript code through the compiledcss parameter, which gets stored and executed when the CSS is loaded. id: CVE-2023-3169...
Custom Field Manager WordPress - Cross-Site Scripting
Custom Field Manager WordPress plugin through 1.0 contains a reflected XSS caused by unsanitized and unescaped parameter output, letting attackers execute scripts against high privilege users such as admin, exploit requires crafted request. id: CVE-2024-12873 info: name: Custom Field Manager...
Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Remote Code Execution
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute code on t...
WordPress Restrict User Access <= 2.5 - Cross-Site Scripting
WordPress Restrict User Access – Membership Plugin with Force versions before 2.6 is vulnerable to Reflected Cross-Site Scripting via the 'ruasection' parameter in the admin level edit page. id: CVE-2024-29138 info: name: WordPress Restrict User Access = 2.5 - Cross-Site Scripting author: Shivam...
Chartify – WordPress Chart Plugin < 2.9.6 - Local File Inclusion
The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the executio...
WordPress Campress Theme <= 1.35 - Unauthenticated Local File Inclusion
Campress theme for WordPress up to 1.35 contains a local file inclusion caused by 'campresswoocommercegetajaxproducts' function, letting unauthenticated attackers include and execute arbitrary PHP files, exploit requires no authentication. id: CVE-2024-10763 info: name: WordPress Campress Theme =...
Contest Gallery - Broken Access Control
Contest Gallery from n/a through 23.1.2 contains an exposure of sensitive information to an unauthorized actor caused by insufficient access controls, letting attackers access sensitive data, exploit requires no specific conditions. id: CVE-2024-43283 info: name: Contest Gallery - Broken Access...