Lucene search
K
WpexploitRecent

4359 matches found

wpexploit
wpexploit
•added 2023/02/13 12:0 a.m.•101 views

Advanced Recent Posts <= 0.6.14 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. lptwrecentposts colorscheme='"...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/13 12:0 a.m.•369 views

Beautiful Cookie Consent Banner < 2.10.2 - Unauthenticated Stored XSS

The plugin does not have authorisation and CSRF check when updating its settings, and does not escape some of them when outputting them, which could allow unauthenticated attackers to perform Stored Cross-Site Scripting attacks. An initial fix was released in version 2.10.1, and completed in...

1.3AI score
Exploits0
wpexploit
wpexploit
•added 2023/02/13 12:0 a.m.•114 views

i2 Pros & Cons <= 1.3.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. i2prosandcons showbutton='true'...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/13 12:0 a.m.•89 views

Resume Builder <= 3.1.1 - Subscriber+ Stored XSS

The plugin does not sanitize and escape some parameters related to Resume, which could allow users with a role as low as subscriber to perform Stored XSS attacks against higher privilege users Run the below command in the developer console of the web browser while being on the blog as subscriber...

5.4CVSS5.8AI score0.00444EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/13 12:0 a.m.•90 views

Cost Calculator <= 1.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. ndcostcalculator id='" onmouseover="alert1"...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/09 12:0 a.m.•407 views

Scriptless Social Sharing < 3.2.2 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Add a "Scriptless Social Sharing" Gutenberg block to a...

5.4CVSS5.6AI score0.00811EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/09 12:0 a.m.•203 views

WPCode < 2.0.7 - Contributor+ WPCode Library Auth Key Update/Deletion

The plugin does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. This may lead to allowing any authenticated user who can edit posts to call the endpoints related to WPCode Library authentication such as update and delete the auth key. As a contributo...

4.3CVSS5.8AI score0.00801EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/08 12:0 a.m.•73 views

Replyable < 2.2.10 - Subscriber+ PHP Object Injection

The plugin does not validate the class name submitted by the request when instantiating an object in the promptdismissnotice action and also lacks CSRF check in the related action. This could allow any authenticated users, such as subscriber to perform Object Injection attacks. The attack could...

8.8CVSS8.7AI score0.00511EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/07 12:0 a.m.•149 views

Yellow Yard < 2.8.12 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks yyfilter field='" style=background-color:red...

5.8AI score0.00467EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/06 12:0 a.m.•118 views

Pie Register < 3.8.2.3 - Open Redirect

The plugin does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability Log In: 1. Visit /login?redirectto=//example.com 2. Log in as a user with lower privileges than Administrator. 3. See that the browser is redirected to example.com Lo...

5.4CVSS6.2AI score0.24263EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/06 12:0 a.m.•104 views

GigPress <= 2.3.28 - Subscriber+ SQLi

The plugin does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks Run the below commands in the developer console of the web browser while being on the blog ...

8.8CVSS9.2AI score0.01301EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/03 12:0 a.m.•138 views

Metform Elementor Contact Form Builder < 3.2.0 - Unauthenticated Stored XSS

The plugin does not sanitize and escape some of its submitted entry data when outputting them back in the admin dashboard, which could allow unauthenticated attackers to perform Stored XSS attacks against an admin viewing the malicious entry Setup as admin: Create a new form using MetForm Element...

7.2CVSS6.5AI score0.28565EPSS
Exploits5References1
wpexploit
wpexploit
•added 2023/02/03 12:0 a.m.•88 views

GS Insever Portfolio < 1.4.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. gsinstagram id='" onmouseover="alert1"...

5.4CVSS5.2AI score0.00528EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/03 12:0 a.m.•89 views

User Activity <= 1.0.1 - IP Spoofing

The plugin checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing 1. Send login request with x-forwarded-for: REDACTEDIP 2. Show spoofed IP address in the dashboard OWASP A09:2021 – Security Logging and Monitoring Failures...

7.5CVSS7.7AI score0.00658EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/03 12:0 a.m.•111 views

VK All in One Expansion Unit < 9.86.0.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Setup: The CTA Expansion...

5.4CVSS5.6AI score0.0056EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/02 12:0 a.m.•424 views

Embed PDF <= 1.0.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks gdoc class='"...

5.4CVSS5.2AI score0.0049EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/02 12:0 a.m.•69 views

Magazine Edge <= 1.13 - Subscriber+ Arbitrary Plugin Activation

The theme does not have authorisation and CSRF when activating plugins via an AJAX action, allowing any authenticated users, such as subscriber to activate arbitrary plugins Run the below command in the developer console of the web browser while being on the blog as a subscriber user...

1AI score
Exploits0
wpexploit
wpexploit
•added 2023/02/02 12:0 a.m.•423 views

Galleries by Angie Makes <= 1.67 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks gallery ids='1' captions="'...

5.4CVSS5.6AI score0.00466EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/02 12:0 a.m.•112 views

Print Invoice & Delivery Notes for WooCommerce < 4.7.2 - Reflected XSS

The plugin is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the editothersshoporders capability. WooCommerce must be installed and active. This vulnerability is caused by a...

2.7AI score0.00516EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/02 12:0 a.m.•388 views

List Pages Shortcode < 1.7.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. list-pages...

5.4CVSS5.1AI score0.0049EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/02 12:0 a.m.•546 views

Show-Hide / Collapse-Expand <= 1.2.5 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS5.1AI score0.0049EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/02 12:0 a.m.•99 views

Ocean Extra < 2.1.2 - Contributor+ Stored XSS

The plugin does not escape the class attribute of its oceanwpbreadcrumb shortcode before outputting it back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks oceanwpbreadcrumb class='"...

5.5CVSS5.6AI score0.00343EPSS
Exploits1
wpexploit
wpexploit
•added 2023/02/02 12:0 a.m.•419 views

Olevmedia Shortcodes <= 1.1.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. button style='"...

5.4CVSS5.2AI score0.0049EPSS
Exploits2
wpexploit
wpexploit
•added 2023/02/01 12:0 a.m.•430 views

Donation Block For PayPal < 2.1.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. paypaldonationblock size='"...

5.4CVSS5.6AI score0.00466EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/31 12:0 a.m.•434 views

ShortPixel Adaptive Images < 3.6.3 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against any high privilege users such as admin https://example.com/?SPAIVJS=%3C/script%3E%3Cimg%20src%3D1%20onerror%3Dalert/XSS/;%3E...

6.1CVSS6.3AI score0.00881EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/31 12:0 a.m.•438 views

Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Go to Namaste Settings, and at Payment Setting...

4.8CVSS5.4AI score0.00527EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/31 12:0 a.m.•538 views

GeoDirectory < 2.2.24 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. POST /wp-admin/admin-ajax.php HTTP/1.1...

7.2CVSS7.9AI score0.00764EPSS
Exploits1References1
wpexploit
wpexploit
•added 2023/01/31 12:0 a.m.•519 views

Correos Oficial <= 1.3.0.0 - Unauthenticated Arbitrary File Download

The plugin does not have an authorization check user input validation when generating a file path, allowing unauthenticated attackers to download arbitrary files from the server. Dependency: WooCommerce plugin Use the following curl command to download the contents of the wp-config.php file: curl...

7.5CVSS7.9AI score0.00849EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/31 12:0 a.m.•410 views

Arigato Autoresponder and Newsletter < 2.1.7.2 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. 1. Go to the Mailing list option and register a new user with the value "autofoc...

4.8CVSS5.4AI score0.00465EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•123 views

BackupBuddy < 8.8.3 - Multiple Reflected Cross-Site Scripting

The plugin does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting Make a logged in admin/SA open one of the URL below: v " "...

6.1CVSS6.7AI score0.00858EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•414 views

Real Media Library < 4.18.29 - Author+ Stored XSS

The plugin does not sanitise and escape the created folder names, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks. As a user with the author role, go to Media Library and create a new folder with the following payload: " Then Add a new medi...

5.4CVSS5.6AI score0.00457EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•72 views

GS Portfolio for Envato < 1.4.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks Insert the following shortcode in a...

5.4CVSS5.2AI score0.00457EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•416 views

EmbedStories < 0.7.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks embedsocialstories id="' onmouseover='alert1...

5.4CVSS5.6AI score0.00457EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•111 views

WP Private Message < 1.0.6 - Private Message Disclosure via IDOR

The plugin bundled with the Superio theme as a required plugin does not ensure that private messages to be accessed belong to the user making the requests. This allowing any authenticated users to access private messages belonging to other users by tampering the ID. - Install the Superio theme an...

4.3CVSS5.5AI score0.00551EPSS
Exploits2References1
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•415 views

Easy Digital Downloads < 3.1.0.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Add the "EDD Buy Button" Gutenberg block to a post and...

5.4CVSS5.6AI score0.00457EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•406 views

EmbedSocial < 1.1.28 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks embedsocialstories id="' onmouseover='alert1...

5.4CVSS5.6AI score0.00457EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•69 views

GS Filterable Portfolio < 1.6.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Note: First, you need to add a Portfolio...

5.4CVSS5.2AI score0.00457EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•74 views

GS Books Showcase < 1.3.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. gsbookshowcase theme='" onmouseover="alert1...

6.8CVSS5.2AI score0.00608EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•80 views

GS Products Slider for WooCommerce < 1.5.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks gswps theme='" onmouseover="alert1"...

5.4CVSS5.2AI score0.00457EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/30 12:0 a.m.•391 views

WP Dark Mode < 4.0.0 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack Exploit shortcode: wpdarkmode class='" onmouseover="alert1"'...

5.4CVSS5.6AI score0.00457EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/28 12:0 a.m.•357 views

ShopLentor < 2.5.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. As a contributor, add a "WL : FAQ" Gutenberg block to ...

5.4CVSS5.2AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/27 12:0 a.m.•482 views

Paid Memberships Pro < 2.9.9 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1. Insert the...

6.1CVSS5.1AI score0.65006EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/27 12:0 a.m.•463 views

Greenshift < 5.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Exploit Additional CSS classes for "Advanced Heading"...

6.8CVSS5.2AI score0.00627EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/26 12:0 a.m.•443 views

Bootstrap Shortcodes <= 3.4.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks As a Contributor+ create a new post and add...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/26 12:0 a.m.•441 views

Video.js - HTML5 Video Player for WordPress <= 4.5.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks videojs mp4='" onerror="alert/XSS/"'...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/26 12:0 a.m.•452 views

Hueman Addons <= 2.3.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks column size='" onmouseover="alert1"...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/26 12:0 a.m.•399 views

Download Video Sidebar Widgets <= 6.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks vsw source="youtube" id="3PdILZ1P74"...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/25 12:0 a.m.•384 views

WP Responsive Testimonials Slider And Widget <= 1.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks testimonialsslider autoplay="1; alert1;...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/25 12:0 a.m.•396 views

Post Views Count <= 3.0.2 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks As a Contributor+ create a new post and add...

6.8CVSS5.2AI score0.00627EPSS
Exploits2
wpexploit
wpexploit
•added 2023/01/25 12:0 a.m.•425 views

Loan Comparison < 1.5.2 - Reflected XSS via shortcode

The plugin does not validate and escape some of its query parameters before outputting them back in a page/post via an embedded shortcode, which could allow an attacker to inject javascript into into the site via a crafted URL. Create a page "Test" containing the shortcode "loancomparison", then...

6.1CVSS6.1AI score0.00486EPSS
Exploits2
Total number of security vulnerabilities4359