Lucene search
+L

470 matches found

Nuclei
Nuclei
added yesterday28 views

Error Log Viewer By WP Guru <= 1.0.1.3 - Missing Authorization to Arbitrary File Read

The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wpajaxnoprivelvwplogdownload AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, whi...

7.5CVSS7.9AI score0.46858EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday46 views

WordPress Simple Link Directory <7.7.2 - SQL injection

WordPress Simple Link Directory plugin before 7.7.2 contains a SQL injection vulnerability. The plugin does not validate and escape the postid parameter before using it in a SQL statement via the qcopdupvoteaction AJAX action, available to unauthenticated and authenticated users. An attacker can...

9.8CVSS8.8AI score0.10825EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday114 views

WordPress WPQA <5.5 - Improper Access Control

WordPress WPQA plugin before 5.5 is susceptible to improper access control. The plugin lacks authentication in a REST API endpoint. An attacker can potentially discover private questions sent between users on the site. id: CVE-2022-1598 info: name: WordPress WPQA 5.5 - Improper Access Control...

5.3CVSS5.8AI score0.05076EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday77 views

User Profile Picture < 2.5.0 - Sensitive Information Disclosure

The REST API endpoint getusers in the User Profile Picture WordPress plugin before 2.5.0 returned more information than was required for its functionality to users with the uploadfiles capability. This included password hashes, hashed user activation keys, usernames, emails, and other less...

7.5CVSS7.3AI score0.04788EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday113 views

Directorist < 7.5.4 - Local File Inclusion

Directorist before 7.5.4 is susceptible to Local File Inclusion as it does not validate the file parameter when importing CSV files. id: CVE-2023-2252 info: name: Directorist 7.5.4 - Local File Inclusion author: r3Y3r53 severity: low description: | Directorist before 7.5.4 is susceptible to Local...

2.7CVSS6.2AI score0.01342EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday131 views

Advanced Custom Fields < 6.1.6 - Cross-Site Scripting

Advanced Custom Fields beofre 6.1.6 is susceptible to cross-site scripting via the poststatus parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow th...

7.1CVSS7.2AI score0.38768EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday55 views

FooGallery plugin <= 2.2.35 - Cross-Site Scripting

Reflected Cross-Site Scripting XSS vulnerability in FooPlugins FooGallery plugin = 2.2.35 versions. id: CVE-2023-29439 info: name: FooGallery plugin = 2.2.35 - Cross-Site Scripting author: theamanrawat severity: medium description: | Reflected Cross-Site Scripting XSS vulnerability in FooPlugins...

7.1CVSS6.9AI score0.01747EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday33 views

Store Locator WordPress < 1.4.13 - Cross-Site Scripting

The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-4151 info: name: Store Locator...

6.1CVSS6.1AI score0.00645EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday137 views

LearnDash LMS < 4.10.2 - Sensitive Information Exposure

The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via API. This makes it possible for unauthenticated attackers to obtain access to quizzes. id: CVE-2024-1210 info: name: LearnDash LMS 4.10.2 - Sensitive Information...

5.3CVSS6.2AI score0.05285EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday42 views

AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls

The plugin lacks sufficient access controls allowing an unauthenticated user to disconnect the plugin from OpenAI, thereby disabling the plugin. Multiple actions are accessible: ayschatgptdisconnect, ayschatgptconnect, and ayschatgptsavefeedback id: CVE-2024-7714 info: name: AI Assistant with...

7.5CVSS5.2AI score0.00848EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday38 views

Ditty < 3.1.25 - Cross-Site Scripting

The Ditty WordPress plugin before 3.1.25 does not sanitise and escape some parameters and generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-4148 info: name: Ditty 3.1.25 ...

6.1CVSS6.7AI score0.00812EPSS
Exploits2References2
Nuclei
Nuclei
added yesterday24 views

Subscriber by BestWebSoft < 1.3.5 - Cross-Site Scripting

The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. id: CVE-2017-18502 info: name: Subscriber by BestWebSoft 1.3.5 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. impact: |...

6.1CVSS6AI score0.01652EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday31 views

WordPress heat-trackr 1.0 - Cross-Site Scripting

WordPress heat-trackr 1.0 contains a cross-site scripting vulnerability via heat-trackrabtestadd.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authenticati...

6.1CVSS6.3AI score0.03415EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday33 views

Safe Editor Plugin < 1.2 - CSS/JS-injection

The safe-editor plugin before 1.2 for WordPress has no sesave authentication, with resultant XSS. id: CVE-2016-10976 info: name: Safe Editor Plugin 1.2 - CSS/JS-injection author: Splint3r7 severity: medium description: | The safe-editor plugin before 1.2 for WordPress has no sesave authentication...

6.1CVSS6.2AI score0.01506EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday47 views

Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting

The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php. id: CVE-2016-10973 info: name: Brafton WordPress Plugin 3.4.8 - Cross-Site Scripting author: Harsh severity: medium description: | The Brafton plugin...

7.4CVSS6AI score0.01975EPSS
Exploits2References3
Nuclei
Nuclei
added yesterday46 views

WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting

WordPress Pondol Form to Mail 1.1 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authenticati...

6.1CVSS6.3AI score0.03462EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday24 views

Likes and Dislikes Plugin <= 1.0.0 - Unauthenticated SQL Injection

The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

7.5CVSS5.8AI score0.02101EPSS
Exploits4References3
Nuclei
Nuclei
added yesterday74 views

Member Hero <=1.0.9 - Remote Code Execution

WordPress Member Hero plugin through 1.0.9 is susceptible to remote code execution. The plugin lacks authorization checks and does not validate the a request parameter in an AJAX action, allowing an attacker to call arbitrary PHP functions with no arguments. An attacker can thus execute malware,...

9.8CVSS9.1AI score0.09105EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday42 views

Limit Login Attempts (Spam Protection) < 5.1 - SQL Injection

The Limit Login Attempts Spam Protection WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions available to unauthenticated users, leading to SQL Injections. id: CVE-2022-0787 info: name: Limit Login Attempts Spam Protection...

9.8CVSS8.7AI score0.08852EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday35 views

WordPress RSVPMaker <=9.3.2 - SQL Injection

WordPress RSVPMaker plugin through 9.3.2 contains a SQL injection vulnerability due to insufficient escaping and parameterization on user-supplied data passed to multiple SQL queries in /rsvpmaker-email.php. An attacker can possibly obtain sensitive information, modify data, and/or execute...

9.8CVSS8AI score0.12003EPSS
Exploits3References5
Rows per page
Query Builder