WordPress Give plugin <= 2.3.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability found by Tim Coen in WordPress Give plugin versions <= 2.3.0. Solution: Update the WordPress Give plugin to the latest available version, at least 2.3.1...
WordPress WP Fastest Cache plugin <= 0.8.9.0 - Unauthenticated Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion vulnerability found by Sebastian Neef in WordPress WP Fastest Cache plugin versions <= 0.8.9.0. Solution: Update the WordPress WP Fastest Cache plugin to the latest available version, at least 0.8.9.1...
WordPress Ajax BootModal Login plugin <= 1.4.3 - CAPTCHA reuse vulnerability
CAPTCHA reuse vulnerability (the CAPTCHA is required only once per user session) found by Lydéric Lefebvre and Fabien Haureils in WordPress Ajax BootModal Login plugin versions <= 1.4.3. Solution: 2018.09.01 - we were unable to find a patched version of this plugin...
WordPress Contact Form 7 to Database Extension plugin 2.10.32 - CSV Injection vulnerability
CSV Injection vulnerability found in WordPress Contact Form 7 to Database Extension plugin version 2.10.32. The vulnerable file ExportToCsvUtf8.php allows remote attackers to inject spreadsheet formulas into CSV files via the contact form. Solution: This plugin has been closed and is no longer availab...
WordPress WP Security Audit Log plugin <= 3.1.1 - Sensitive Information Disclosure
Sensitive Information Disclosure found in WordPress WP Security Audit Log plugin versions <= 3.1.1. Failed-login log files are indexable by Google. Solution: Update the WordPress WP Security Audit Log plugin to the latest available version, at least 3.1.2...
WordPress Bookly plugin <= 14.4 - Unauth. Stored Cross-Site Scripting (XSS) vulnerability
Unauth. Stored Cross-Site Scripting (XSS) vulnerability discovered by Luigi in the WordPress Bookly plugin versions <= 14.4. Solution: Update the WordPress Bookly plugin to the latest available version, at least 14.5...
WordPress GD Rating System plugin 2.3 - Directory Traversal vulnerability (2)
A second Directory Traversal vulnerability found by d4wner in WordPress GD Rating System plugin version 2.3: Directory Traversal in the wp-admin/admin.php "panel" parameter of the gd-rating-system-information page. Solution: 1/9/2018 - we were unable to find a patched version of this plugin...
WordPress GD Rating System plugin 2.3 - Cross-Site Scripting (XSS) vulnerability (2)
A second Cross-Site Scripting (XSS) vulnerability found by d4wner in WordPress GD Rating System plugin version 2.3. Solution: 1/9/2018 - we were unable to find a patched version of this plugin...
WordPress Smart Google Code Inserter plugin <= 3.4 - Unauthenticated Cross-Site Scripting (XSS) vulnerability
Unauthenticated Cross-Site Scripting (XSS) vulnerability found by Benjamin Lim in WordPress Smart Google Code Inserter plugin versions <= 3.4. Solution: Update the WordPress Smart Google Code Inserter plugin to the latest available version, at least 3.5...
WordPress Ads Pro plugin <= 3.4 - Cross-Site Scripting / SQL Injection
The bsaproid $_GET parameter is vulnerable to SQL injection. Payload example: bsaprostats=1&[email protected]&bsaproid=xx AND 1707=1707. The payload works when the ad is displayed. Solution: Update the plugin to the latest version...
WordPress Event List plugin <=0.7.8 - SQL Injection vulnerability
WordPress Event List plugin versions <= 0.7.8 are vulnerable to SQL injection. The vulnerability allows an authenticated user to execute arbitrary SQL commands via the "id" parameter to wp-admin/admin.php. Solution: WordPress Event List plugin removed from WordPress.org plugin repository, please deactivate the plug...
WordPress Gravity Forms Plugin <= 2.0.6.5 - XSS
This plugin is prone to a cross-site scripting vulnerability. It allows attackers to inject arbitrary JavaScript or HTML code. Solution: Update the plugin...
WordPress Tidio Form Plugin <= 1.0 - Reflected XSS
This plugin is prone to a cross-site scripting vulnerability. Solution: Update the plugin...
WordPress HDW Tube Plugin <= 1.2 - Reflected XSS
This plugin is prone to a cross-site scripting vulnerability via the /hdw-tube/mychannel.php file. Solution: Update the plugin...
WordPress <= 4.5.2 - BYPASS #1
WordPress before 4.5.3 allows remote attackers to bypass the sanitize_file_name protection mechanism via unspecified vectors. Related records: http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-1 http://db.threatpress.com/vulnerability/wordpress/wordpress-4-5-2-bypass-2...
WordPress Tera Charts Plugin - Cross Site Scripting
Because of this vulnerability, attackers can inject arbitrary JavaScript or HTML code. Solution: Update the plugin...
WordPress <= 4.5.1 - XSS
This vulnerability in plupload.flash.swf in Plupload before 2.1.9 allows an attacker to inject arbitrary web script or HTML via a Same-Origin Method Execution (SOME) attack. Solution: Update WordPress...
WordPress New Year Firework Plugin <= 1.1.9 - Cross Site Scripting (XSS)
Because of this vulnerability, the "text" variable appears to send unsanitized data back to the user's browser. The vulnerable file is /new-year-firework/firework/index.php. Solution: Update the plugin...
WordPress <= 4.4.0 - Multiple XSS
Multiple cross-site scripting vulnerabilities were found in wp-includes/class-wp-theme.php. They allow attackers to inject arbitrary web script or HTML via (1) a stylesheet name or (2) a template name to wp-admin/customize.php. Solution: Upgrade WordPress...
WordPress Payment Form for PayPal Pro Plugin <= 1.0.1 - XSS
This WordPress plugin is prone to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary script or HTML. Solution: Update the plugin...
WordPress Support Ticket System Plugin <= 1.2 - SQL Injection
This plugin is prone to an SQL injection vulnerability. It allows an attacker to modify data, compromise access to the application, or exploit hidden vulnerabilities in the underlying database. Solution: Update the plugin...
WordPress Google Analyticator <= 6.4.9.5 - Multiple XSS
These vulnerabilities allow an attacker to inject arbitrary web script or HTML via the (1) gadownloadsprefix, (2) gadownloads, (3) gaadsense, (4) gaadmindisableDimentionIndex, or (5) gaoutboundprefix parameter in the google-analyticator page to wp-admin/admin.php. Solution: Update the plugin...
WordPress Slider Revolution Plugin <= 4.2.2 - XSS
This vulnerability allows an attacker to inject arbitrary web script or HTML via the "clientaction" parameter. Solution: Update the plugin...
WordPress WooCommerce Plugin <= 1.3 - Absolute Path Traversal
This vulnerability is in proxy.php in the Google currency lookup of the Paypal Currency Converter Basic For WooCommerce plugin. It allows an attacker to read arbitrary files via a full pathname in the "requrl" parameter. Solution: Update the plugin...
WordPress Salient Theme <= 4.9 - Cross Site Scripting
This vulnerability allows an attacker to inject arbitrary web script or HTML. Solution: Update the theme...
WordPress Cardoza Poll Plugin <= 34.05 - Cross Site Request Forgery
This plugin is prone to multiple external-function remote poll manipulation vulnerabilities. Solution: Update the plugin...
WordPress Crayon Syntax Highlighter Plugin <= 2.6.10 - Local File Disclosure
This plugin is prone to a local file disclosure vulnerability. It allows attackers to see the content of any file. Solution: Update the plugin...
WordPress Slideshow Plugin <= 2.2.21 - Bypass
This plugin is prone to an option value disclosure vulnerability. Solution: Update the plugin...
WordPress TheCartPress Plugin 1.3.9 - Multiple Vulnerabilities
TheCartPress plugin is prone to multiple vulnerabilities, such as local PHP file inclusion, stored XSS, improper access control, and multiple XSS vulnerabilities. Solution: Update the plugin...
WordPress Navis DocumentCloud Plugin <= 0.1.0 - XSS
This vulnerability is in js/window.php. It allows an attacker to inject arbitrary web script or HTML via the "wpbase" parameter. Solution: Update the plugin...
WordPress Marketplace Plugin 2.4.0 - Arbitrary File Download
Marketplace plugin is prone to an arbitrary file download vulnerability. It allows an attacker to download arbitrary files from the web server and obtain potentially sensitive information. Solution: Update the plugin...
WordPress Ninja Forms Plugin <= 2.8.9 - Unspecified Vulnerability
This vulnerability in the Ninja Forms plugin has an unspecified impact; its remote attack vectors are related to admin users. Solution: Update the plugin...
WordPress Fusion Theme <= 3.1 - Arbitrary File Upload
Because of this vulnerability in the Fusion theme, authenticated users can execute arbitrary code by uploading a file with an executable extension in a fusionsave action and then accessing it via unspecified vectors. Solution: Update the theme...
WordPress EasyCart Plugin <= 3.0.20 - Privilege Escalation
Because of this vulnerability, attackers can escalate privileges and execute code remotely. Solution: Update the plugin...
WordPress CrossSlide jQuery Plugin <= 2.0.5 - Multiple CSRF
Because of these vulnerabilities, attackers can hijack the authentication of administrators for requests that change plugin settings or conduct cross-site scripting (XSS) attacks via several parameters ("csjfade", "csjsleep", "csjwidth", "uploadimage", "csjheight") in the thisismyurlcsj.ph...
WordPress Google Document Embedder Plugin <= 2.5.18 - XSS
This vulnerability allows an attacker to inject arbitrary web script or HTML via the "profile" parameter in the gde-settings page to wp-admin/options-general.php. Solution: Upgrade the plugin...
WordPress Symposium Plugin 14.11 - Shell Upload
Symposium plugin is prone to a shell upload vulnerability. It allows an attacker to execute arbitrary PHP code by making a direct request to the uploaded .php file. Solution: Update the plugin...
WordPress Shopping Cart Plugin 3.0.4 - Unrestricted File Upload
Shopping Cart plugin is prone to an unrestricted file upload vulnerability. Because of an incorrect if statement inside "banneruploaderscript.php", any registered user can upload any file. Solution: Upgrade the plugin...
WordPress gSlideshow Plugin 0.1 - CSRF and XSS
Because of these cross-site request forgery vulnerabilities, attackers can hijack the authentication of administrators for requests. In that way they can change plugin settings via unspecified vectors or conduct cross-site scripting attacks. Solution: This plugin is closed...
WordPress HTML5 MP3 Player with Playlist Free Plugin <= 2.6 - Full Path Disclosure
Because of this vulnerability, attackers can obtain the installation path via a request to html5plus/playlist.php. Solution: Upgrade the plugin...
WordPress Paid Memberships Pro Plugin 1.7.14 - Directory Traversal
This vulnerability is in services/getfile.php. It allows attackers to read arbitrary files via the QUERY_STRING in a getfile action to wp-admin/admin-ajax.php. Solution: Update the plugin...
WordPress XCloner Plugin - Multiple Vulnerabilities
XCloner plugin is prone to multiple vulnerabilities, such as unauthenticated remote access to backup files via easily guessable file names, arbitrary command execution, and authenticated remote file access. It also exposes the MySQL password in clear text through an HTML text box. Solution: Upgrade the plugi...
WordPress Another Classifieds Plugin - SQL Injection
This WordPress GD Star Rating plugin's "keywordphrase" parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise access to the application, or exploit hidden vulnerabilities in the underlying database when doing a search for classifieds. Solution:...
WordPress Web-Dorado Photo Gallery Plugin <= 1.1.30 - Multiple XSS
Because of these vulnerabilities, attackers can inject arbitrary web script or HTML via the "callback", "dir", or "extensions" parameters. Solution: Update the plugin...
WordPress Acento Theme - Arbitrary File Download
Acento theme's "file" parameter in view-pdf.php is prone to an arbitrary file download vulnerability. It allows an attacker to download arbitrary files from the web server and obtain potentially sensitive information. Solution: Update the theme...
WordPress W3 Total Cache plugin <= 0.9.4 - Cross-Site Request Forgery (CSRF) vulnerability
WordPress W3 Total Cache plugin's "admin.php" is prone to a cross-site request forgery vulnerability. It allows an attacker to gain unauthorized access to the affected application by performing certain actions in the context of an authorized user's session. Solution: Update the WordPress W3 Total...
WordPress GB Gallery Slideshow Plugin - SQL Injection
This WordPress GB Gallery Slideshow plugin's "wp-admin/admin-ajax.php" is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise access to the application, or exploit hidden vulnerabilities in the underlying database. Solution: Upgrade the plugin...
WordPress Tom M8te Plugin <= 1.5.3 - Local File Inclusion
Because of this vulnerability, attackers can read arbitrary files via the "file" parameter to tom-download-file.php. Solution: Upgrade the plugin...
WordPress Last.FM Rotation Plugin <= 3.3 - Local File Inclusion
Because of this vulnerability in lastfm-proxy.php, attackers can read arbitrary files via the "snode" parameter. Solution: Update the plugin...