Popup Builder < 4.0.7 - SQL Injection

The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby and order parameters before using them in a SQL statement in the admin dashboard, which could allow high privilege users to perform SQL injection. id: CVE-2022-0228 info: name: Popup Builder 4.0.7 -...

WordPress Daily Prayer Time <2022.03.01 - SQL Injection

WordPress Daily Prayer Time plugin prior to 2022.03.01 contains a SQL injection vulnerability.. It does not sanitise and escape the month parameter before using it in a SQL statement via the getmonthlytimetable AJAX action, available to unauthenticated users, leading to SQL injection. id:...

WordPress Ninja Job Board < 1.3.3 - Direct Request

WordPress Ninja Job Board plugin prior to 1.3.3 is susceptible to a direct request vulnerability. The plugin does not protect the directory where it stores uploaded resumes, making it vulnerable to unauthenticated directory listing which allows the download of uploaded resumes. id: CVE-2022-2544...

ARMember < 3.4.8 - Unauthenticated Admin Account Takeover

The ARMember WordPress plugin before 3.4.8 is vulnerable to account takeover even the administrator due to missing nonce and authorization checks in an AJAX action available to unauthenticated users, allowing them to change the password of arbitrary users by knowing their username. id:...

WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery

WordPress Paytm Payment Gateway plugin through 2.7.0 contains a server-side request forgery vulnerability. An attacker can cause a website to execute website requests to an arbitrary domain, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized...

Wordpress Polls Widget < 1.5.3 - SQL Injection

The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the dateanswers POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks id: CVE-2021-24442 inf...

WordPress Shareaholic <9.7.6 - Information Disclosure

WordPress Shareaholic plugin prior to 9.7.6 is susceptible to information disclosure. The plugin does not have proper authorization check in one of the AJAX actions, available to both unauthenticated before 9.7.5 and authenticated in 9.7.5 users, allowing them to possibly obtain sensitive...

WPvivid Backup & Migration <= 0.9.123 - Arbitrary File Upload

WPvivid Backup & Migration plugin for WordPress = 0.9.123 contains an unauthenticated arbitrary file upload vulnerability caused by improper error handling in RSA decryption and lack of path sanitization, letting unauthenticated attackers upload arbitrary PHP files and achieve remote code executi...

The Opal Estate Pro – Property Management <= 1.7.5 - Unauthenticated Privilege Escalation

The Opal Estate Pro plugin ≤ 1.7.5 is vulnerable to privilege escalation. Due to missing role restrictions in the onregisteruser function, users can register with any role. This allows unauthenticated attackers to create administrator accounts. id: CVE-2025-6934 info: name: The Opal Estate Pro –...

Membership Database <= 1.0 - Cross-Site Scripting

Membership Database before 1.0 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker t...

JS Help Desk <= 2.8.1 - SQL Injection

The JS Help Desk – Best Help Desk & Support Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘email' and 'trackingid' parameters in all versions up to 2.8.2 exclusive due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...

WordPress 10Web Map Builder < 1.0.73 - Unauthenticated SQL Injection

The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection id: CVE-2023-0037 info: name: WordPress 10Web Map...

WP-Optimize WordPress plugin < 3.2.13 - Cross-Site Scripting

The WP-Optimize WordPress plugin before 3.2.13 and SrbTransLatin WordPress plugin before 2.4.1 are vulnerable to cross-site scripting due to a third-party library that improperly handles HTML character escaping. id: CVE-2023-1119 info: name: WP-Optimize WordPress plugin 3.2.13 - Cross-Site...

Jeecg P3 Biz Chat - Local File Inclusion

Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters. id: CVE-2023-33510 info: name: Jeecg P3 Biz Chat - Local File Inclusion author: DhiyaneshDK severity: high description: | Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files...

WordPress MyPixs <=0.3 - Local File Inclusion

WordPress MyPixs 0.3 and prior contains a local file inclusion vulnerability. id: CVE-2015-1000012 info: name: WordPress MyPixs =0.4 or apply the vendor-provided patch to fix the LFI vulnerability. reference: - https://wpscan.com/vulnerability/24b83ce5-e3b8-4262-b087-a2dfec014985 -...

WordPress StageShow <5.0.9 - Open Redirect

WordPress StageShow plugin before 5.0.9 contains an open redirect vulnerability in the Redirect function in stageshowredirect.php. A remote attacker can redirect users to arbitrary web sites and conduct phishing attacks via a malicious URL in the url parameter. id: CVE-2015-5461 info: name:...

WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting

A cross-site scripting vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the apiurl parameter. id: CVE-2014-4558 info: name: WooCommerce Swipe = 2.7.1 - Cross-Site...

WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting

WordPress Sunshine Photo Cart plugin before 2.9.15 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affecte...

Ubigeo de Peru < 3.6.4 - SQL Injection

The plugin does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections. id: CVE-2022-0814 info: name: Ubigeo de Peru 3.6.4 - SQL Injection author: r3Y3r53...

Duplicator < 1.4.7.1 - Information Disclosure

The Duplicator WordPress plugin before 1.4.7 does not authenticate or authorize visitors before displaying information about the system such as server software, php version and full file system path to the site. id: CVE-2022-2552 info: name: Duplicator 1.4.7.1 - Information Disclosure author:...