WordPress AceIDE plugin <= 2.6.2 - Authenticated Local File Inclusion vulnerability
Authenticated Local File Inclusion vulnerability discovered by Shreya Pohekar (Codevigilant Project) in WordPress AceIDE plugin versions <= 2.6.2. Solution: This plugin has been closed as of June 1, 2021 and is not available for download. Reason: Security Issue...
WordPress iQ Block Country plugin <= 1.2.11 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability discovered by Vlad Visse (Patchstack Red Team) in WordPress iQ Block Country plugin versions <= 1.2.11. Vulnerable parameter: &blockcountryblockmessage. Solution: Update the WordPress iQ Block Country plugin to the latest available versi...
WordPress Quiz Maker plugin <= 6.2.0.8 - Multiple Authenticated Blind SQL Injection (SQLi) vulnerabilities
Multiple Authenticated Blind SQL Injection (SQLi) vulnerabilities discovered by To Quang Duong in the WordPress Quiz Maker plugin versions <= 6.2.0.8. Solution: Update the WordPress Quiz Maker plugin to the latest available version, at least 6.2.0.9...
WordPress Export Users With Meta plugin <= 0.6.4 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection (SQLi) vulnerability discovered by Asif Nawaz Minhas in WordPress Export Users With Meta plugin versions <= 0.6.4. Solution: Update the WordPress Export Users With Meta plugin to the latest available version, at least 0.6.5...
WordPress Yes/No Chart plugin <= 1.0.11 - Authenticated Blind SQL Injection (SQLi) vulnerability
Authenticated Blind SQL Injection (SQLi) vulnerability discovered by Apple502j in WordPress Yes/No Chart plugin versions <= 1.0.11. Solution: Update the WordPress Yes/No Chart plugin to the latest available version, at least 1.0.12...
WordPress Easy Google Maps plugin <= 1.9.31 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by 0xB9 in WordPress Easy Google Maps plugin versions <= 1.9.31. Solution: Update the WordPress Easy Google Maps plugin to the latest available version, at least 1.9.32...
WordPress Tutor LMS plugin <= 1.8.7 - Authenticated Local File Inclusion vulnerability
Authenticated Local File Inclusion vulnerability discovered by sasa in WordPress Tutor LMS plugin versions <= 1.8.7. Solution: Update the WordPress Tutor LMS plugin to the latest available version, at least 1.8.8...
WordPress <= 5.5.1 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability found by Erwan LR in WordPress versions <= 5.5.1. Solution: Update WordPress to the latest available version, at least 5.5.2...
WordPress Import XML and RSS Feeds plugin <= 2.0.1 - Server-Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability discovered by Suzhou Aurora Infinity Information Technology Co., Ltd. in WordPress Import XML and RSS Feeds plugin versions <= 2.0.1. Solution: Update the WordPress Import XML and RSS Feeds plugin to the latest available version, at least 2.0.2...
WordPress Chop Slider 3 plugin <= 3.4 - Blind SQL injection (SQLi) vulnerability
Blind SQL injection (SQLi) vulnerability found by Callum Murphy in WordPress Chop Slider 3 plugin versions <= 3.4. Solution: 2021-01-12 - we were unable to find a patched version of this plugin...
WordPress Caldera Forms plugin <=1.5.9.1 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting (XSS) vulnerability found by Federico Scalco in WordPress Caldera Forms plugin versions <= 1.5.9.1. Solution: Update the WordPress Caldera Forms plugin to the latest available version, at least 1.6.0...
WordPress Category Order and Taxonomy Terms Order plugin <=1.5.2.2 - Authenticated PHP Object Injection vulnerability
Authenticated PHP Object Injection vulnerability found in WordPress Category Order and Taxonomy Terms Order plugin versions <= 1.5.2.2. Solution: Update the WordPress Category Order and Taxonomy Terms Order plugin to the latest available version, at least 1.5.3...
WordPress Ninja Forms plugin <=3.2.13 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting (XSS) vulnerability found by Kasper Karlsson in WordPress Ninja Forms plugin versions <= 3.2.13. Solution: Update the WordPress Ninja Forms plugin to the latest available version, at least 3.2.14...
WordPress <= 4.5.2 - Session Hijacking
This vulnerability allows an attacker to obtain sensitive revision-history information by leveraging the ability to read a post; it is related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php. Solution: Update WordPress...
WordPress Collne Welcart e-Commerce Plugin <= 1.8.2 - XSS
This vulnerability allows an attacker to inject arbitrary web script or HTML via unspecified vectors. Solution: Update the plugin...
WordPress Pie Register Plugin <= 2.0.18 - Multiple SQL Injection
An SQL injection exists in pie-register/pie-register.php. It allows administrators to execute arbitrary SQL commands via the selectinvitaioncodebulkoption or invidelid parameter on the pie-invitation-codes page of wp-admin/admin.php. Solution: Update the plugin...
WordPress Appointment Booking Calendar Plugin <= 1.1.7 - SQL Injection
This vulnerability allows an attacker to execute arbitrary SQL commands via unspecified vectors related to updating the username. Solution: Update the plugin...
WordPress Symposium Plugin 15.1 - SQL Injection #2
The WP Symposium plugin's "size" parameter is prone to an SQL injection via getalbumitem.php. This vulnerability allows an attacker to modify data, compromise access to the application, or exploit hidden vulnerabilities in the underlying database. Related records:...
WordPress <= 4.3.0 - BYPASS
The vulnerability is in the XML-RPC subsystem, in wp-includes/class-wp-xmlrpc-server.php. It allows an authenticated user to bypass intended access restrictions via unspecified vectors. Solution: Update WordPress...
WordPress ReFlex Gallery Plugin <= 3.1.3 - Unrestricted File Upload
This vulnerability is in admin/scripts/FileUploader/php.php. It allows an attacker to execute arbitrary PHP code by uploading a file with a PHP extension; the uploaded file can then be reached via a direct request to it in the uploads/ directory. Solution: Update the plugin...
WordPress WP Membership Plugin 1.2.3 - Multiple Vulnerabilities
There are multiple vulnerabilities in this WordPress Membership plugin. 1. Privilege escalation: an attacker can obtain an administrative role on the affected website via the "ivmembershipupdateusersettings" AJAX action. 2. Stored XSS allows an attacker to login as regular...
WordPress Apptha Video Gallery Plugin <= 2.7 - SQL Injection
Because of this vulnerability, attackers can execute arbitrary SQL commands via the "vid" parameter in an rss action to wp-admin/admin-ajax.php. Solution: Update the plugin...
WordPress Web Dorado Spider Event Calendar Plugin 1.4.9 - SQL Injection
The Web Dorado Spider Event Calendar plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise access to the application, or exploit hidden vulnerabilities in the underlying database. Solution: Upgrade the plugin...
WordPress Video Gallery Plugin 2.7.0 - SQL Injection
The WordPress Video Gallery plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise access to the application, or exploit hidden vulnerabilities in the underlying database. Solution: Upgrade the plugin...
WordPress Apptha Video Gallery Plugin <= 2.5 - Multiple XSS
These vulnerabilities allow authenticated users to inject arbitrary web script or HTML via the "videoadssearchQuery" parameter. Solution: Update the plugin...
WordPress Pods Plugin <= 2.4 - XSS
Because of this vulnerability, attackers can inject arbitrary web script or HTML via the "id" parameter on the pods page of wp-admin/admin.php. Solution: Update the plugin...
WordPress WP Google Maps Plugin <= 6.0.26 - Multiple XSS
Because of these vulnerabilities, attackers can inject arbitrary web script or HTML via the "polyid" parameter. Solution: Update the plugin...
WordPress Yahoo! Updates Plugin <= 1.0 - Multiple XSS
Because of these multiple vulnerabilities in yupdatesapplication.php, attackers can inject arbitrary web script or HTML via three parameters: "secret", "appid" or "key". Solution: Update the plugin...
WordPress Login Rebuilder Plugin <= 1.1.9 - CSRF
Because of this vulnerability, attackers can hijack the authentication of arbitrary users. Solution: Update the plugin...
WordPress AdRotate Plugin 3.9.4 - SQL Injection
The WordPress AdRotate plugin's clicktracker.php "track" parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise access to the application, or exploit hidden vulnerabilities in the underlying database. Solution: Upgrade the plugin to 3.9.5...
WordPress Landing Pages Plugin <=1.2.3 - SQL Injection
Because of this vulnerability, attackers can execute arbitrary SQL commands via the "post" parameter to index.php. Solution: Update the plugin...
WordPress <= 3.6.0 - Cross Site Scripting #2
Because of this vulnerability, remote authenticated users can conduct cross-site scripting attacks via a crafted file; it is related to the getallowedmimetypes function in wp-includes/functions.php. Solution: Update WordPress...
WordPress <= 3.5.1 - Denial of Service Attacks
This WordPress version is prone to denial of service attacks via a crafted value of a certain wp-postpass cookie. Solution: Update WordPress...
WordPress Uk Cookie plugin <= 1.0 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting (XSS) vulnerability discovered by nauty.me04 in WordPress Uk Cookie plugin versions <= 1.0. Solution: Update the WordPress Uk Cookie plugin to the latest available version, at least 1.1...
WordPress <= 3.4.1 - BYPASS
Because of this vulnerability, remote authenticated users can bypass intended access restrictions and publish new posts by leveraging the Contributor role and using the Atom Publishing Protocol feature. Solution: Update the plugin...
WordPress <= 3.3.1 - XSS #1
This vulnerability is in wp-comments-post.php. It allows attackers to conduct XSS attacks via unspecified vectors. Solution: Update WordPress...
WordPress <= 3.3.1 - BYPASS
This vulnerability allows authenticated site administrators to bypass intended access restrictions via unspecified vectors. Solution: Update WordPress...
WordPress YouSayToo Auto-Publishing Plugin 1.0 - Cross Site Scripting
The WordPress YouSayToo Auto-Publishing plugin's "submit" parameter is prone to a cross-site scripting vulnerability because the plugin fails to properly sanitize user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacke...
WordPress Relocate Upload Plugin 0.14 - Remote File Inclusion
The Relocate Upload plugin is prone to a remote file inclusion vulnerability. It allows an attacker to include a remote file and gain access to the server. Solution: Upgrade the plugin...
WordPress <= 3.1.2 - Multiple Unspecified Remote vulnerabilities
Because of these vulnerabilities, attackers can determine usernames of non-authors via canonical redirects. Solution: Update WordPress...
WordPress Forum Server Plugin 1.6.5 - SQL Injection
The WordPress Forum Server plugin is prone to an SQL injection. This vulnerability exists because the "index.php" script fails to properly sanitize user-supplied input in the "searchmax" variable and the "/wp-content/plugins/forum-server/feed.php" script fails to properly sanitize user-supplied inpu...
WordPress <= 2.8.2 - Multiple Vulnerabilities #1
Because of these vulnerabilities, attackers can make unauthorized edits or additions via a direct request to edit-category-form.php, edit-pages.php, edit-comments.php, edit-link-category-form.php, or edit.php. Solution: Update WordPress...
WordPress Photoracer Plugin 1.0 - SQL Injection Vulnerability
SQL injection vulnerability found in viewimg.php, line 16. It allows an attacker to execute arbitrary SQL commands against the database via the 'imgid' parameter. Solution: Update the plugin...
WordPress <= 2.6.9 - Open Redirection
Because of this vulnerability in wp-admin/upgrade.php, attackers can redirect users to arbitrary web sites and conduct phishing attacks via a URL in the "backto" parameter. Solution: Update WordPress...
WordPress <= 2.6.1 - SQL Truncation Vulnerability #2
Attackers can change an arbitrary user's password to a random value by registering a similar username and then requesting a password reset. This is related to a "SQL column truncation vulnerability": this WordPress version does not properly handle MySQL warnings about insertion of username strings...
WordPress <= 2.2.2 - BYPASS
Attackers can bypass intended access restrictions for certain pages, because wp-includes/vars.php does not properly extract the current path from the PATH_INFO. Solution: Update WordPress...
WordPress <= 2.0.11 - XSS
Because of this vulnerability in wp-db-backup.php, attackers can inject arbitrary web script or HTML via the "backup" parameter in a wp-db-backup.php action to wp-admin/edit.php. Solution: Update WordPress...
WordPress Classic Theme <= 1.5 - XSS
Because of this vulnerability in index.php, attackers can inject arbitrary web script or HTML via the PATH_INFO. Solution: Update the theme...
WordPress <= 2.1.2 - SQL Injection vulnerability
Because of this vulnerability in xmlrpc, authenticated users can execute arbitrary SQL commands. Solution: Update WordPress to the latest available version, at least 2.1.3...
WordPress <= 2.1.2 RC2 - XSS
Because of this vulnerability in wp-admin/vars.php, authenticated users with theme privileges can inject arbitrary web script or HTML via the PATH_INFO. Solution: Update WordPress to the latest available version, at least 2.1.3...