Lucene search
K
WpexploitMost viewed

4359 matches found

wpexploit
wpexploit
โ€ขadded 2023/01/17 12:0 a.m.โ€ข398 views

Responsive Gallery Grid < 2.3.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Note: In ids, please add the image attachme...

5.4CVSS5.2AI score0.00477EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/01/17 12:0 a.m.โ€ข397 views

Permalink Manager < 2.2.15 - Reflected Cross-Site Scripting

The plugins do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue https://example.com/index.php?p=%3Cimg%20src%20onerror=alert/XSS/%3E&debugurl=1...

6.1CVSS1.6AI score0.03368EPSS
Exploits2References1
wpexploit
wpexploit
โ€ขadded 2021/05/17 12:0 a.m.โ€ข397 views

Car Repair Services < 4.0 - Unauthenticated Reflected XSS & XFS

The theme did not properly sanitise its serviceestimatekey search parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting issue https://smartdata.tonytemplates.com/car-repair-service-v4/car1/estimateresult/result?s=&serviceestimatekey=...

6.1CVSS0.9AI score0.03884EPSS
Exploits2References2
wpexploit
wpexploit
โ€ขadded 2023/01/25 12:0 a.m.โ€ข396 views

Post Views Count <= 3.0.2 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks As a Contributor+ create a new post and add...

6.8CVSS5.2AI score0.00627EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/01/24 12:0 a.m.โ€ข396 views

Watu Quiz < 3.3.8.2 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. Make a logged in admin open the following URL:...

7.5CVSS5.8AI score0.00632EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/06/22 12:0 a.m.โ€ข396 views

LearnPress < 4.1.6.7 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting Fixed in 4.1.6.6 - https://example.com/wp-admin/admin.php?page=learn-press-settings&tab=emails&section=new-order-emails&a"alert/XSS/ Fixed in 4.1.6.7 - With a lesson attached ...

0.1AI score
Exploits0
wpexploit
wpexploit
โ€ขadded 2023/03/20 12:0 a.m.โ€ข395 views

Klaviyo <= 3.0.10 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Go to Klaviyo Settings, and at Klaviyo Setting...

4.8CVSS5.4AI score0.00442EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/05/31 12:0 a.m.โ€ข395 views

Video Conferencing with Zoom < 3.9.3 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/edit.php?posttype=zoom-meetings&page=zoom-video-conferencing-settings&a"alert/XSS/...

0.6AI score
Exploits0
wpexploit
wpexploit
โ€ขadded 2023/11/28 12:0 a.m.โ€ข394 views

WP Mail Log < 1.1.3 โ€“ Contributor+ Arbitrary File Upload to RCE

Description The plugin does not properly validate file extensions uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution. Run the following JS code in any page on the server, setting the id variable to a valid ID of a log entry on the server...

8.8CVSS9.2AI score0.01096EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/02/27 12:0 a.m.โ€ข394 views

Paid Memberships Pro < 2.9.12 - Subscriber+ SQL Injection

The plugin does not prevent subscribers from rendering shortcodes that concatenate attributes directly into an SQL query. While logged in as a subscriber, send the following request: await fetch'/wp-admin/admin-ajax.php',method:'POST', headers: 'Content-Type':...

8.8CVSS9AI score0.60452EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/01/03 12:0 a.m.โ€ข394 views

Icon Widget < 1.3.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit:...

5.4CVSS2.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/09/23 12:0 a.m.โ€ข394 views

Popup Maker < 1.16.9 - Contributor+ Stored XSS via Subscription Form

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks As a contributor, put the following shortcode in a post/page pumsubform namefieldtype="fullname" labelname="Name"...

5.4CVSS0.00534EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/12/29 12:0 a.m.โ€ข393 views

WP Google My Business Auto Publish < 3.4 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Note: First, you need to connect a Google My Business, select Account, and select Location. Exploit shortcode: gmb-revi...

5.4CVSS1AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/01/12 12:0 a.m.โ€ข393 views

PowerPack Lite for Beaver Builder < 1.2.9.3 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting https://example.com/wp-admin/options-general.php?page=ppbb-settings&tab=%22%3E%3Cimg+src+onerror%3Dalert%28/XSS/%29%3E...

6.1CVSS1.8AI score0.00863EPSS
Exploits2References1
wpexploit
wpexploit
โ€ขadded 2021/06/01 12:0 a.m.โ€ข393 views

WordPress Bitcoin Payments - Blockonomics < 3.3 - Reflected Cross-Site Scripting (XSS)

The plugin does not properly sanitise its filter action when viewing Orders before outputting it back in an attribute, leading to a reflected Cross-Site Scripting vulnerability. v alert/XSS/...

0.7AI score
Exploits0References1
wpexploit
wpexploit
โ€ขadded 2022/12/09 12:0 a.m.โ€ข392 views

Team Members < 5.2.1 - Editor+ Stored XSS

The plugin does not sanitize and escapes some of its settings, which could allow high-privilege users such as editors to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in a multisite setup. 1. Go to the "Teams" section ยป add a new te...

4.8CVSS0.2AI score0.00532EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/01/30 12:0 a.m.โ€ข390 views

WP Dark Mode < 4.0.0 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack Exploit shortcode: wpdarkmode class='" onmouseover="alert1"'...

5.4CVSS5.6AI score0.00457EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/01/24 12:0 a.m.โ€ข390 views

Product Slider and Carousel with Category for WooCommerce < 2.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. wcpscwcpdtslider design='" onmouseover="alert1"'...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/01/19 12:0 a.m.โ€ข390 views

GiveWP < 2.24.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks givemultiformgoal image='"...

5.4CVSS5.2AI score0.00555EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2021/03/16 12:0 a.m.โ€ข390 views

WP Super Cache < 1.7.2 - Authenticated Remote Code Execution (RCE)

The plugin was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not prohibited, so this vulnerability can be exploited for...

9CVSS1.5AI score0.23844EPSS
Exploits3References3
wpexploit
wpexploit
โ€ขadded 2023/01/17 12:0 a.m.โ€ข389 views

Widgets on Pages <= 1.7.0 - Contributor+ Stored XSS

The plugin does not validate and escape its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. widgetsonpages tiny="...

6.8CVSS5.2AI score0.00707EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/12/29 12:0 a.m.โ€ข389 views

GS Logo Slider < 3.3.8 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.8AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/12/28 12:0 a.m.โ€ข389 views

Print-O-Matic < 2.1.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/02/02 12:0 a.m.โ€ข388 views

List Pages Shortcode < 1.7.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. list-pages...

5.4CVSS5.1AI score0.0049EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/12/13 12:0 a.m.โ€ข388 views

WPQA < 5.9.3 - Missing validation lead to functionality abuse

The plugin which is a companion plugin used with Discy and Himer themes incorrectly tries to validate that a user already follows another in the wpqafollowingyouajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them...

3.5CVSS3.9AI score0.00488EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/04/26 12:0 a.m.โ€ข387 views

Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the iowdtabsactive parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary javascript by clicking a link. Make a logged in admin...

6.3AI score0.0085EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/01/17 12:0 a.m.โ€ข387 views

Simple URLs < 115 - Subscriber+ SQLi

The plugin does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber. Run the below command in the developer console of the web browser whi...

8.8CVSS9.2AI score0.00943EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/07/19 12:0 a.m.โ€ข386 views

Elementor < 3.5.5 - Iframe Injection

Description The plugin does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs...

6.1CVSS6.2AI score0.02027EPSS
Exploits5References1
wpexploit
wpexploit
โ€ขadded 2022/11/09 12:0 a.m.โ€ข386 views

Seed Social < 2.0.4 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Put the following payload in any of the plugin...

0.1AI score0.00497EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2021/12/01 12:0 a.m.โ€ข386 views

Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in General Module

The plugin does not sanitise and escape the wcjdeleterole parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue The "General" module needs to be enabled in "Woocommerce - Booster Settings - Booster"...

6.1CVSS0.4AI score0.00757EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/01/03 12:0 a.m.โ€ข385 views

Bold Timeline Lite < 1.1.5 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS1.5AI score0.01011EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/02/25 12:0 a.m.โ€ข385 views

Contact Form X < 2.4.1 - Reflected Cross-Site Scripting

The plugin does not escape the tab parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue https://example.com/wp-admin/options-general.php?page=contactformx&tab="+style=animation-name:rotation+onanimationstart=alert/XSS///...

6.1CVSS1.2AI score0.00978EPSS
Exploits1References1
wpexploit
wpexploit
โ€ขadded 2023/01/25 12:0 a.m.โ€ข384 views

WP Responsive Testimonials Slider And Widget <= 1.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks testimonialsslider autoplay="1; alert1;...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/04/16 12:0 a.m.โ€ข383 views

WPML Multilingual CMS < 4.6.1 - Reflected Cross-Site Scripting

The plugin does not escape some URL attributes before outputting them to a page, leading to a Reflected Cross-Site Scripting vulnerability. After setting up the plugin, visit the following URL: /wp-login.php?wplang=%20=id=x+type=image%20id=xss%20onfoc%3C!%3Eusin+alert0%0c...

6.3AI score
Exploits0References2
wpexploit
wpexploit
โ€ขadded 2023/01/03 12:0 a.m.โ€ข382 views

Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Note: First y...

5.4CVSS0.5AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/01/14 12:0 a.m.โ€ข382 views

Themify Portfolio Post < 1.1.7 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the numofpages parameter before outputting it back the response of the themifycreatepopuppagepagination AJAX action available to any authenticated user, leading to a Reflected Cross-Site Scripting alert/XSS/;'...

5.4CVSS5.4AI score0.00591EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2024/01/17 12:0 a.m.โ€ข381 views

MapPress Maps for WordPress < 2.88.16 - Unauthenticated Arbitrary Private/Draft Post Disclosure

Description The plugin does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts. The fix made in 2.88.15 is not sufficient as it still allowed any authenticated users, such s subscriber to read arbitrary...

6.7AI score0.00568EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/05/03 12:0 a.m.โ€ข380 views

VikBooking < 1.5.9 - Reflected Cross-Site Scripting

The plugin does not escape the current URL before putting it back in a JavaScript context, leading to a Reflected Cross-Site Scripting https://example.com/wp-admin/?test%22-alert/XSS/-%22 https://example.com/wp-admin/profile.php?test%22-alert/XSS/-%22...

6.1CVSS0.5AI score0.00757EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2018/12/11 12:0 a.m.โ€ข379 views

WP AutoSuggest 0.24 - Unauthenticated SQL Injection

The wp-autosuggest WordPress plugin was affected by an Unauthenticated SQL Injection security vulnerability. sqlmap -u "http://URL/wp-content/plugins/wp-autosuggest/autosuggest.php?wpasaction=query&wpaskeys=1" --technique BT --dbms MYSQL --risk 3 --level 5 -p wpaskeys --tamper space2comment...

1.2AI score
Exploits0References1
wpexploit
wpexploit
โ€ขadded 2023/01/17 12:0 a.m.โ€ข378 views

Meks Flexible Shortcodes < 1.3.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit:...

5.4CVSS5.1AI score0.0054EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/01/17 12:0 a.m.โ€ข378 views

Rich Table of Contents < 1.3.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks Note: The shortcode generates the content...

5.4CVSS5.2AI score0.00477EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/12/19 12:0 a.m.โ€ข378 views

Slimstat Analytics < 4.9.3 - Unauthenticated Stored XSS

The plugin does not sanitise and escape the URI when logging requests, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks against logged in admin viewing the logs As an unauthenticated user, open the following URL https://example.com/?s="alert/XSS/ The XSS...

6.1CVSS0.1AI score0.00642EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2021/12/27 12:0 a.m.โ€ข378 views

Image Hover Effects Ultimate < 9.7.1 - Reflected Cross-Site Scripting

The plugin does not escape the effects parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS1.3AI score0.00887EPSS
Exploits2References1
wpexploit
wpexploit
โ€ขadded 2021/11/30 12:0 a.m.โ€ข378 views

Video Conferencing with Zoom < 3.8.16 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape user data before outputting it back in attributes in some admin pages, leading to Reflected Cross-Site Scripting issues https://example.com/wp-admin/edit.php?posttype=zoom-meetings&page=zoom-video-conferencing&hostid="alert/XSS/...

0.2AI score
Exploits0
wpexploit
wpexploit
โ€ขadded 2021/02/06 12:0 a.m.โ€ข378 views

Like Button Rating < 2.6.32 - Unauthenticated Full-Read SSRF

The LikeBtn WordPress plugin was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery SSRF. On line 7493 in likebtnlikebutton.php a hook is set to allow unauthenticated ajax calls which will call the function likebtnprx. As the name suggests, this function works as a proxy and can ...

7.5AI score0.04337EPSS
Exploits1
wpexploit
wpexploit
โ€ขadded 2023/10/13 12:0 a.m.โ€ข377 views

WP < 6.3.2 - Unauthenticated Post Author Email Disclosure

Description WordPress does not properly restrict which user fields are searchable via the REST API. from multiprocessing import Pool import requests import string import json import sys if lensys.argv != 2: printf'USAGE: sys.argv0 ' sys.exit url = sys.argv1.rstrip'/' + '/wp-json/wp/v2/users'...

5.3CVSS5.6AI score0.03862EPSS
Exploits4References2
wpexploit
wpexploit
โ€ขadded 2023/02/20 12:0 a.m.โ€ข377 views

FluentSMTP < 2.2.3 - Stored XSS via Email Logs

The plugin does not sanitize or escape email content, making it vulnerable to stored cross-site scripting attacks XSS when an administrator views the email logs. This exploit requires other plugins to enable users to send emails with unfiltered HTML. XSS Payload : Steps to reproduce: 1. Install...

5.4CVSS5.7AI score0.00507EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2023/01/17 12:0 a.m.โ€ข377 views

WP Visitor Statistics (Real Time Traffic) < 6.5 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: wsmshowDayStatBox id='" onclick="javascript:alert1'...

5.4CVSS5.2AI score0.00477EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2021/11/23 12:0 a.m.โ€ข377 views

Tickera < 3.4.8.3 - Unauthenticated Stored Cross-Site Scripting

The plugin does not properly sanitise and escape the Name fields of booked Events before outputting them in the Orders admin dashboard, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins. As unauthenticated, book an Event, and put the following payload ...

6.1CVSS0.4AI score0.01167EPSS
Exploits2
wpexploit
wpexploit
โ€ขadded 2022/01/10 12:0 a.m.โ€ข376 views

All-in-one Floating Contact Form < 2.0.4 - Authenticated Reflected Cross-Site Scripting (XSS)

The plugin was vulnerable to reflected XSS on the my-sticky-elements-leads admin page. http://127.0.0.1:8001/wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert%281%29+x...

5.4CVSS1.4AI score0.01572EPSS
Exploits2References1
Total number of security vulnerabilities4359