Lucene search
K
WpexploitRecent

4359 matches found

wpexploit
wpexploit
added 2023/01/10 12:0 a.m.178 views

PDF.js Viewer < 2.1.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. pdfjs-viewer viewerheight='"...

5.4CVSS2.8AI score0.00562EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/10 12:0 a.m.137 views

WP-ShowHide < 1.05 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS1.6AI score0.00573EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/10 12:0 a.m.126 views

Easy Testimonials < 3.9.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1. Insert the...

5.4CVSS1.1AI score0.00649EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/10 12:0 a.m.134 views

PPWP – WordPress Password Protect Page < 1.8.6 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.6AI score0.00649EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/10 12:0 a.m.85 views

Clean Login < 1.13.7 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Note: 1. Firs...

5.4CVSS0.6AI score0.00573EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/09 12:0 a.m.88 views

ChatBot < 4.2.9 - Unauthenticated Settings Reset

The plugin does not have authorisation and CSRF checks when reseting its settings via an AJAX action available to unauthenticated users, which could allow unauthenticated attackers to reset the plugin's settings https://example.com/wp-admin/admin-ajax.php?action=qcldwbchatbootdeletealloptions...

3.9AI score
Exploits0
wpexploit
wpexploit
added 2023/01/06 12:0 a.m.112 views

WP Tabs < 2.1.17 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. trtabs id='"; alert1; "' trtabs id='"...

5.4CVSS1.2AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/06 12:0 a.m.88 views

CPO Companion < 1.1.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS1.1AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/06 12:0 a.m.107 views

WP Social Widget < 2.2.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. wpsw facebook='" onmouseover="alert1"'...

5.4CVSS2AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/06 12:0 a.m.105 views

Posts List Designer by Category < 3.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS1.7AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/06 12:0 a.m.107 views

WP Extended Search < 2.1.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: wpessearchform searchformcssclass='" onmouseover="alert1"'...

5.4CVSS1.9AI score0.00484EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/06 12:0 a.m.97 views

Post Grid, Post Carousel, & List Category Posts < 2.4.19 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Exploit Additional CSS classes for "Smart Post Show"...

5.4CVSS5.3AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/06 12:0 a.m.96 views

Blog Designer – Post and Widget < 2.4.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: wpspwrecentpostslider design='" onmouseover="alert1" style="background:red;"'...

6.8CVSS1.6AI score0.00627EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/06 12:0 a.m.98 views

Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro < 1.8.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.3AI score0.00548EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/06 12:0 a.m.112 views

News & Blog Designer Pack < 3.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: bdpmasonry grid='1" onmouseover="alert1" style="background:red;"'...

5.4CVSS1.7AI score0.00438EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/05 12:0 a.m.176 views

Social Warfare < 4.4.0 - Post Meta Deletion via CSRF

The plugin does not have CSRF checks in some AJAX actions, allowing attackers, to make a logged in admin call them and delete arbitrary post meta as well as reset access tokens related to network via CSRF attacks...

5.4CVSS2.1AI score0.00374EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/05 12:0 a.m.77 views

Widgets for Google Reviews < 9.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

6.4CVSS1.6AI score0.00507EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/05 12:0 a.m.95 views

CC Child Pages < 1.43 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit:...

5.4CVSS1AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.86 views

Themify Shortcodes < 2.0.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: themifybutton color='red" onmouseover="alert1"'XSS/themifybutton...

5.4CVSS2.1AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.186 views

RSS Aggregator by Feedzy < 4.1.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1. Add the Feedzy RS...

5.4CVSS0.2AI score0.00507EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.860 views

Insert Pages < 3.7.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit: inse...

5.4CVSS0.9AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.108 views

AAWP < 3.12.3 - Unsafe URL Handling

The plugin can be used to abuse trusted domains to load malware or other files through it Reflected File Download to bypass firewall rules in companies. wp-content/aawp/public/image.php?url=base64-url will load and download the file from the base64-decoded URL...

7.5CVSS0.9AI score0.00797EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.608 views

Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload

The plugin does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE. 1. Install and activate WooCommerce dependency, no setup required 2. Create a local file containing the payload on /tmp/payload.php 3. Execu...

9.8CVSS0.9AI score0.17569EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.400 views

FL3R FeelBox <= 8.1 - Moods Reset via CSRF

The plugin does not have CSRF check when updating reseting moods which could allow attackers to make logged in admins perform such action via a CSRF attack and delete the lydlposts & lydlpoststimestamp DB tables Make a logged in admin open a page containing the HTML code below...

4.3CVSS1AI score0.00267EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.361 views

FL3R FeelBox <= 8.1 - Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack Make a logged in admin open a page containing the HTML code below '...

6.1CVSS0.3AI score0.00285EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.153 views

Pricing Tables WordPress Plugin – Easy Pricing Tables < 3.2.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Note: Enable compatibility mode by going to the settings of the plugins. Exploit shortcode: easy-pricing-toggle...

5.4CVSS0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.122 views

Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

7.2CVSS1.1AI score0.01046EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/04 12:0 a.m.95 views

WooCommerce Chained Products < 2.12.0 - Unauthenticated Arbitrary Options Update to 'no'

The plugin does not have authorisation and CSRF checks, as well as does not ensure that the option to be updated belong to the plugin, allowing unauthenticated attackers to set arbitrary options to 'no' As unauthenticated, open the following URL to set the Blog Name to 'no':...

4.3CVSS1.9AI score0.00281EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.414 views

CPT Bootstrap Carousel <= 1.12 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Note: First y...

5.4CVSS1.6AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.394 views

Icon Widget < 1.3.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit:...

5.4CVSS2.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.463 views

MediaElement.js – HTML5 Video & Audio Player <= 4.2.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high-privilege users such as admins. 1. Insert the...

5.4CVSS0.8AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.475 views

PDF Viewer < 1.0.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: pdfviewer height='" onmouseover="alert1"'http://localhost/file.pdf/pdfviewer...

5.4CVSS1.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.430 views

Simple Sitemap < 3.5.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.8AI score0.00519EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.413 views

Portfolio for Elementor, Image Gallery & Post Grid | PowerFolio < 2.3.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Note: First,...

5.4CVSS1.6AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.385 views

Bold Timeline Lite < 1.1.5 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS1.5AI score0.01011EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.356 views

Justified Gallery < 1.7.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: gallery ids="1" lightbox="' onmouseover='alert1'"...

5.4CVSS1.8AI score0.0049EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.407 views

PixCodes < 2.3.7 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.4AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.459 views

Accordion Shortcodes <= 2.4.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: accordion class='" onmouseover="alert1" style="background:red;width:100px;height:100px;"'...

5.4CVSS1.6AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.382 views

Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Note: First y...

5.4CVSS0.5AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/02 12:0 a.m.109 views

Qubely < 1.8.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Add the following Additional CSS classes to the "Post...

0.5AI score0.00745EPSS
Exploits2
wpexploit
wpexploit
added 2023/01/02 12:0 a.m.526 views

Google Analyticator < 6.5.6 - Admin+ PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void die"Arbitra...

7.2CVSS0.8AI score0.01046EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.457 views

10WebMapBuilder < 1.0.72 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit:...

5.4CVSS2.2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.393 views

WP Google My Business Auto Publish < 3.4 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Note: First, you need to connect a Google My Business, select Account, and select Location. Exploit shortcode: gmb-revi...

5.4CVSS1AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.159 views

Multiple themes - Unauthenticated Arbitrary File Upload

Multiple themes from ChimpStudio and PixFill does not have any authorisation and upload validation in the langupload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server. Create a malicious file "backdoor.php", then curl...

9.8CVSS1.4AI score0.02084EPSS
Exploits12
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.438 views

Passster < 3.5.5.8 - Contributor+ Stored Cross-Site Scripting

The plugin does not escape the area parameter of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. passster password="1" area='" style="animation-name:twentytwentyone-close-button-transition" onanimationend="alert/XSS///'...

5.4CVSS2.2AI score0.00393EPSS
Exploits1
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.389 views

GS Logo Slider < 3.3.8 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.8AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.464 views

GeoDirectory < 2.2.22 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Note: First,...

5.4CVSS1.4AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.457 views

Genesis Columns Advanced < 2.0.4 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks which could be used against high-privilege users such as admins. 1. Insert t...

5.4CVSS1.1AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.602 views

Passster < 3.5.5.9 - Protection Bypass & Arbitrary Post Access

The plugin does not properly check for password, as well as that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by the plugin, and access arbitrary posts such as private content, by sending a specifically crafted request. The nonce can be retrieve...

7.5CVSS0.8AI score0.00818EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.514 views

Video Conferencing with Zoom < 4.0.10 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1. Insert the...

5.4CVSS0.7AI score0.00471EPSS
Exploits2
Total number of security vulnerabilities4359