WordPress ZoomSounds premium plugin <= 6.45 - Unauthenticated Directory Traversal vulnerability
Unauthenticated Directory Traversal vulnerability discovered by DigitalJessica Ltd in WordPress ZoomSounds premium plugin versions <= 6.45. Solution: Update the WordPress ZoomSounds premium plugin to the latest available version, at least 6.50...
WordPress Duplicate Page plugin <= 4.4.2 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting (XSS) vulnerability discovered by Nikhil Kapoor (EsecForte) in WordPress Duplicate Page plugin versions <= 4.4.2. Solution: Update the WordPress Duplicate Page plugin to the latest available version, at least 4.4.3...
WordPress MicroCopy plugin <= 1.1.0 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection (SQLi) vulnerability discovered by Syed Sheeraz Ali in WordPress MicroCopy plugin versions <= 1.1.0. Solution: This plugin has been closed as of May 13, 2021 and is not available for download. Reason: Security Issue...
WordPress uListing plugin <= 2.0.5 - Modify User Roles via Cross-Site Request Forgery (CSRF) vulnerability
Modify User Roles via Cross-Site Request Forgery (CSRF) vulnerability discovered by m0ze (Patchstack Red Team) in WordPress uListing plugin versions <= 2.0.5. Solution: Update the WordPress uListing plugin to the latest available version, at least 2.0.6...
WordPress Form Maker plugin <= 1.13.59 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Felipe Restrepo Rodriguez in WordPress Form Maker plugin versions <= 1.13.59. Solution: Update the WordPress Form Maker plugin to the latest available version, at least 1.13.60...
WordPress Prismatic plugin <= 2.7 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by apple502j in WordPress Prismatic plugin versions <= 2.7. Solution: Update the WordPress Prismatic plugin to the latest available version, at least 2.8...
WordPress YOP Poll plugin <= 6.2.7 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting (XSS) vulnerability discovered by Toby Jackson in WordPress YOP Poll plugin versions <= 6.2.7. Solution: Update the WordPress YOP Poll plugin to the latest available version, at least 6.2.8...
WordPress Patreon WordPress plugin <= 1.7.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by the Jetpack Scan team in WordPress Patreon WordPress plugin versions <= 1.7.1. Solution: Update the WordPress Patreon WordPress plugin to the latest available version, at least 1.7.2...
WordPress NextGen Gallery plugin <= 3.4.7 - Cross-Site Request Forgery (CSRF) leading to XSS and RCE via file upload and LFI
Cross-Site Request Forgery (CSRF) leading to XSS and RCE via file upload and LFI, found by WordFence in WordPress NextGen Gallery plugin versions <= 3.4.7. Solution: Update the WordPress NextGen Gallery plugin to the latest available version, at least 3.5.0...
WordPress Elementor Website Builder plugin <= 2.9.13 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by Th3 Hidd3n 0n3 in WordPress Elementor Website Builder plugin versions <= 2.9.13. Solution: Update the WordPress Elementor Website Builder plugin to the latest available version, at least 2.9.140...
WordPress Careerfy premium theme <= 4.0.0 - Multiple Cross-Site Scripting (XSS) vulnerabilities
Multiple Cross-Site Scripting (XSS) vulnerabilities discovered by m0ze in WordPress Careerfy premium theme versions <= 4.0.0. Solution: Update the WordPress Careerfy premium theme to the latest available version, at least 4.1.0...
WordPress Contact Form 7 Datepicker plugin <= 2.6.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by WordFence in WordPress Contact Form 7 Datepicker plugin versions <= 2.6.0. Solution: This plugin has been closed as of April 1, 2020 and is not available for download. Reason: Security Issue...
WordPress LearnPress plugin <= 3.2.6.6 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered in WordPress LearnPress plugin versions <= 3.2.6.6. Solution: Update the WordPress LearnPress plugin to the latest available version, at least 3.2.6.7...
WordPress CardGate Payments for WooCommerce plugin <= 3.1.15 - Payment Process Bypass vulnerability
Payment Process Bypass vulnerability discovered by GeekHack in WordPress CardGate Payments for WooCommerce plugin versions <= 3.1.15. Solution: Update the WordPress CardGate Payments for WooCommerce plugin to the latest available version, at least 3.1.16...
WordPress Adaptive Images for WordPress plugin <= 0.6.66 - Local File Inclusion (LFI) vulnerability
Local File Inclusion (LFI) vulnerability found by Mark Gruffer in WordPress Adaptive Images for WordPress plugin versions <= 0.6.66. Solution: Update the WordPress Adaptive Images for WordPress plugin to the latest available version, at least 0.6.67...
WordPress Virim plugin <= 0.4 - Unauthenticated Object Injection vulnerability
Unauthenticated Object Injection vulnerability found by Magnus K. Stubman in WordPress Virim plugin versions <= 0.4. Solution: 27 May 2019 - This plugin was closed and is no longer available for download...
WordPress Wise Chat plugin <= 2.6.3 - Reverse Tabnabbing vulnerability
Reverse Tabnabbing vulnerability found by MTK in WordPress Wise Chat plugin versions <= 2.6.3. Solution: Update the WordPress Wise Chat plugin to the latest available version, at least 2.7...
WordPress GD Rating System plugin 2.3 - Cross-Site Scripting (XSS) vulnerability (4)
A fourth Cross-Site Scripting (XSS) vulnerability found by d4wner in WordPress GD Rating System plugin version 2.3. XSS via the wp-admin/admin.php "panel" parameter for the gd-rating-system-tools page. Solution: 1/9/2018 - we were unable to find a patched version of this plugin...
WordPress Z-URL Preview plugin <= 1.6.2 - Cross-Site Scripting (XSS) vulnerability
A Cross-Site Scripting (XSS) vulnerability found by Neorichi in WordPress Z-URL Preview plugin versions <= 1.6.2. Vulnerable to Cross-Site Scripting via the class.zlinkpreview.php "url" parameter. Solution: Update the WordPress Z-URL Preview plugin to the latest available version, at least 2.0.0...
WordPress <=4.7.4 - Post Meta Data Values Improper Handling in XML-RPC API
WordPress versions from 2.5 to 4.7.4 improperly handle post meta data values in the XML-RPC (Remote Procedure Call) API. Discovered and reported by Sam Thomas. Solution: Update WordPress core to the latest possible version, at least 4.7.5...
WordPress <= 4.5.2 - BYPASS #2
This vulnerability allows an attacker to bypass intended password-change restrictions by leveraging knowledge of a cookie. Related records: http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass and http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-2...
WordPress E-Search Plugin <= 1.0 - Cross-Site Scripting (XSS)
Because of this vulnerability, the "date-from" variable appears to send unsanitized data back to the user's browser. Solution: Update the plugin...
WordPress Font Plugin <= 7.5.0 - Absolute Path Traversal
This vulnerability allows administrators to read arbitrary files via a full pathname in the "URL" parameter to AjaxProxy.php. Solution: Update the plugin...
WordPress <= 4.2.3 - Multiple Vulnerabilities
WordPress 4.2.3 is prone to cross-site scripting and SQL injection vulnerabilities that exist because the sanitize_widget_instance function in wp-includes/class-wp-customize-widgets.php does not use a constant-time comparison for widgets. In this way an attacker can execute a timing side-channel...
WordPress IBS Mappro Plugin <= 0.9 - Absolute Path Traversal
This vulnerability is in lib/download.php. It allows an attacker to read arbitrary files via a full pathname in the "file" parameter. Solution: Update the plugin...
WordPress GD bbPress Attachments Plugin <= 2.2 - Directory Traversal
This vulnerability allows a remote administrator to include and execute arbitrary local files via the "tab" parameter in the gdbbpressattachments page to wp-admin/edit.php. Solution: Update the plugin...
WordPress RobotCPA Plugin - Local File Inclusion
BookX plugin's GET parameter "l" is prone to a local file inclusion vulnerability because user-supplied input is not validated. It allows an attacker to obtain potentially sensitive information. The affected file is "f.php". Solution: Update the plugin...
WordPress <= 4.1.1 - XSS
Because of this vulnerability, an attacker can execute same-origin JavaScript functions via the "target" parameter, as demonstrated by executing a certain click function, related to init.as and fireEvent.as. Solution: Update WordPress...
WordPress <= 4.2.3 - SQL Injection
Because of this vulnerability, an attacker can execute arbitrary SQL commands via a comment that is mishandled after retrieval from the trash. Solution: Update WordPress...
WordPress Acobot Live Chat & Contact Form Plugin <= 2.0 - Multiple CSRF
Because of these vulnerabilities, attackers can hijack the authentication of administrators for requests that change plugin settings or conduct cross-site scripting attacks. Solution: Upgrade the plugin...
WordPress Image Metadata Cruncher Plugin - Multiple CSRF and XSS
Because of these vulnerabilities, attackers can hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the "imagemetadatacruncheralt" or "imagemetadatacrunchercaption" parameters. Solution: Upgrade the plugin...
WordPress Apptha Video Gallery Plugin <= 2.5 - Multiple SQL Injection
Because of these vulnerabilities, attackers can execute arbitrary SQL commands via the "videoId" parameter in a newvideo page to wp-admin/admin.php, the "vid" parameter in a myextract action to wp-admin/admin-ajax.php, or the "playlistId" parameter in the newplaylist page. Solution: Update the plugin...
WordPress DBManager Plugin <= 2.7.1 - Multiple Vulnerabilities
There are multiple vulnerabilities in this plugin that allow remote authenticated users to execute arbitrary commands via shell metacharacters in the $backup['filepath'] or $backup['mysqldumppath'] variable. Solution: Update the plugin...
WordPress Ad Manager Plugin <=1.1.2 - Open Redirect
This vulnerability is in track-click.php. It allows attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the "out" parameter. Solution: Update the plugin...
WordPress BulletProof Security Plugin <= .51 - SQL Injection
This vulnerability is in admin/htaccess/bpsunlock.php. It allows remote authenticated users to execute arbitrary SQL commands via the "tableprefix" parameter. Solution: Update the plugin...
WordPress EWWW Image Optimizer Plugin <= 2.0.1 - XSS
Because of this vulnerability, attackers can inject arbitrary web script or HTML via the "error" parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php. Solution: Update the plugin...
WordPress <=3.9.1 - Multiple Vulnerabilities #1
wp-includes/pluggable.php does not use delimiters when concatenating action values and uid values in CSRF tokens, which allows attackers to bypass a CSRF protection mechanism via a brute-force attack. Related records:...
WordPress Email Marketing and Newsletters Plugin <= 1.97 - Multiple XSS
Because of these vulnerabilities, attackers can inject arbitrary web script or HTML via the "FormID" or "AdministratorID" parameters. Solution: Update the plugin...
WordPress GD Star Rating Plugin <= 19.22 - SQL Injection
Because of this vulnerability, administrators can execute arbitrary SQL commands via the "s" parameter in the gd-star-rating-stats page to wp-admin/admin.php. Solution: Update the plugin...
WordPress VideoWhisper Live Streaming Integration Plugin <= 4.29.4 - Multiple XSS
Because of these vulnerabilities, attackers can inject arbitrary web script or HTML. Solution: Update the plugin...
WordPress Advanced Dewplayer Plugin - Script Directory Traversal
Advanced Dewplayer plugin is prone to a directory traversal vulnerability because it fails to sanitize user-supplied input. An attacker can obtain sensitive information that could aid in further attacks. Solution: Upgrade the plugin...
WordPress <= 3.6.0 - Cross Site Scripting #1
Because of this vulnerability, remote authenticated users can conduct cross-site scripting attacks. Solution: Update WordPress...
WordPress BackWPup Plugin <= 3.0.12 - XSS
Because of this vulnerability, attackers can inject arbitrary web script or HTML via the "tab" parameter to wp-admin/admin.php. Solution: Update the plugin...
WordPress NextGEN Gallery - Arbitrary File Upload
NextGEN Gallery plugin is prone to an arbitrary file upload vulnerability. It allows an attacker to upload arbitrary files to the affected computer. Solution: Update the plugin...
WordPress ShareThis Plugin <= 7.0.5 - CSRF
Because of this vulnerability, attackers can hijack the authentication of administrators for requests that modify this plugin's settings. Solution: Update the plugin...
WordPress BackupBuddy Plugin <= 2.2.4 - Sensitive Data Exposure #1
This vulnerability is in importbuddy.php. It allows attackers to bypass authentication via a crafted integer in the "step" parameter. Solution: Update the plugin...
WordPress <= 3.5.1 - Privilege Escalation
Because of this vulnerability, authenticated users can bypass intended restrictions on publishing and authorship reassignment via unspecified vectors. Solution: Update the plugin...
WordPress <= 1.5.4 - Cross Site Scripting
Because of this vulnerability, attackers can inject arbitrary web script or HTML via the "id" parameter. Solution: Update the plugin...
WordPress <= 3.4.0 - CSRF
Because of this vulnerability, attackers can hijack the authentication of unspecified victims via unknown vectors. Solution: Update WordPress...
WordPress ClickDesk Live Support Plugin 2.0 - Cross Site Scripting
WordPress ClickDesk Live Support plugin's "cdwidget" parameter is prone to a cross-site scripting vulnerability. It fails to properly sanitize user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacker...