Lucene search
K
WpexploitRecent

4359 matches found

wpexploit
wpexploit
added 2022/12/29 12:0 a.m.428 views

Content Control < 1.1.10 - Contributor+ Stored XSS

The plugin does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.9AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/29 12:0 a.m.423 views

Top 10 < 3.2.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its Block attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1. Insert a Top 1...

5.4CVSS0.5AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.389 views

Print-O-Matic < 2.1.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS2AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.459 views

Word Balloon < 4.19.3 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS1.6AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.443 views

OneClick Chat to Order < 1.0.4.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1. Install th...

5.4CVSS1.1AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.498 views

ShiftNav – Responsive Mobile Menu < 1.7.2 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS1AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.594 views

Meteor Slides < 1.5.7 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. meteorslidesh...

5.4CVSS0.6AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.82 views

Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.6AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.559 views

Optimize images ALT Text (alt tag) & names for SEO using AI < 2.0.8 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. Use the following form to abuse the CSRF vulnerability on the settings page: action layout textColor contentBackgroundColor starColor...

6.5CVSS0.3AI score0.00332EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.450 views

Collapse-O-Matic < 1.8.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin. Exploit...

5.4CVSS0.8AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.488 views

WP Popups < 2.1.4.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit:...

5.4CVSS0.6AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.426 views

Product Slider for WooCommerce < 2.6.4 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Install the...

5.4CVSS5.3AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.609 views

BruteBank - WP Security & Firewall < 1.9 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. POST /wp-admin/admin.php?page=brutebank-settings HTTP/1.1 publickey=site.a%22%2522aaaa%3Daaa&secretkey=aaa&update=Update...

6.5CVSS3.9AI score0.00332EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/28 12:0 a.m.647 views

User Verification < 1.0.94 - Authentication Bypass

The plugin was affected by an Auth Bypass security vulnerability. To bypass authentication, we only need to know the user’s username. Depending on whose username we know, which can be easily queried because it is usually public data, we may even be given an administrative role on the website...

9.8CVSS1.4AI score0.01598EPSS
Exploits2References1
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.493 views

Search & Filter < 1.2.16 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin. Insert the...

5.4CVSS0.7AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.597 views

CBX Petition for WordPress <= 1.0.3 - Unauthenticated SQLi

The plugin does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. 1. Create and publish a new petition. 2. Invoke the following curl command, with the nonce in place, to induce a...

9.8CVSS1.3AI score0.01037EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.452 views

Compact WP Audio Player < 1.9.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit:...

5.4CVSS0.3AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.565 views

WP Limit Login Attempts <= 2.6.4 - IP Spoofing

The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based restrictions on login forms. Set HTTPCLIENTIP or HTTPXFORWARDEDFOR as used in wplimitgetip to spoof the IP address and bypass the block...

7.5CVSS0.7AI score0.00703EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.511 views

Page-list < 5.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.8AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.658 views

WP Statistics < 13.2.9 - Authenticated SQLi

The plugin does not escape a parameter, which could allow authenticated users to perform SQL Injection attacks. By default, the affected feature is available to users with the manageoptions capability admin+, however the plugin has a settings to allow low privilege users to access it as well. Log...

8.8CVSS0.7AI score0.35679EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.443 views

Rate my Post – WP Rating System < 3.3.9 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: ratemypost-result id='" onmouseover="alert1"'...

5.4CVSS1.9AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.463 views

Landing Page Builder < 1.4.9.9 - Contributor+ Cross-Site Scripting via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1. Insert the...

5.4CVSS1.5AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.530 views

Sassy Social Share < 3.3.45 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Insert the...

5.4CVSS0.7AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.471 views

Login Logout Menu < 1.4.0 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.8AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.448 views

EU Cookie Law <= 3.1.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Enter the setting page of this plugin. 2. In t...

4.8CVSS4.7AI score0.0047EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.456 views

Easy Appointments < 3.11.2 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.5AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.520 views

Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS

The plugin does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin. 1. Install and activate WoocCommerce dependency, no configuration...

6.1CVSS0.6AI score0.00526EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.406 views

HashBar – WordPress Notification Bar < 1.3.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: hashbarbtn btntarget='" onmouseover="alert1"'...

5.4CVSS1.8AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.820 views

All In One WP Security & Firewall < 5.1.3 - Configuration Leak

The plugin leaked settings of the plugin publicly, including the used email address. Config leak in previous versions: "aiowpsremovewpgeneratormetainfo" filetype:txt https://www.google.com/search?q=%22aiowpsremovewpgeneratormetainfo%22+filetype%3Atxt Search for aiowpsemailaddress...

5.3CVSS0.2AI score0.00658EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.581 views

FluentAuth < 1.0.2 - Bypass blocks by IP Spoofing

The plugin prioritizes getting a visitor's IP address from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass the IP-based blocks set by the plugin. Set HTTPXREALIP, HTTPXFORWARDEDFOR, HTTPCFCONNECTINGIP or HTTPCLIENTIP to spoof the IP address...

7.5CVSS1.3AI score0.00727EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.476 views

Sitemap < 4.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. pagelist...

5.4CVSS1.3AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.547 views

Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin

The plugin lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session. Run the below command in the developer console of the web browser while being on the blog as an unauthenticated user, then...

9.8CVSS1.8AI score0.38625EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.450 views

Easy Social Feed – Social Photos Gallery – Post Feed – Like Box < 6.4.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin. Exploit...

5.4CVSS1.6AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.440 views

Mongoose Page Plugin < 1.9.0 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: facebook-page-plugin href='test.js' method='sdk' language='" onerror="alert1"'...

5.4CVSS2.1AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.641 views

Google Analyticator < 6.5.6 - Admin+ PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. To simulate a gadget chain, put the following code in the plugin: class Evil public function wakeup : void...

7.2CVSS0.5AI score0.01046EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/27 12:0 a.m.517 views

WordPress Simple Shopping Cart < 4.6.2 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS1.6AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/24 12:0 a.m.168 views

Conditional Payment Methods for WooCommerce <= 1.0 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin|users with a role as low as admin...

7.2CVSS1.9AI score0.00945EPSS
Exploits2References1
wpexploit
wpexploit
added 2022/12/24 12:0 a.m.152 views

Easy Bootstrap Shortcode <= 4.5.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. 1. Insert thi...

5.4CVSS1AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/24 12:0 a.m.154 views

Store Locator WordPress < 1.4.9 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS1.6AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.406 views

Greenshift – animation and page builder blocks < 4.8.9 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. Exploit shortcode: wpreusablerender id='2' ajax='true' height='100px;width:100px;background:red;" onmouseover="alert1"'...

5.4CVSS1.7AI score0.00393EPSS
Exploits1
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.96 views

Real Cookie Banner < 3.4.10 - Contributor+ Stored XSS

The plugin does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins. Exploit shortcode: rcb-consent class='"...

5.4CVSS1.2AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.107 views

Easy Accordion < 2.2.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit...

5.4CVSS0.5AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.145 views

MonsterInsights < 8.9.1 - Stored Cross-Site Scripting via Google Analytics

The plugin does not sanitize or escape page titles in the top posts/pages section, allowing an unauthenticated attacker to inject arbitrary web scripts into the titles by spoofing requests to google analytics. 1. Open a WP page with the plugin and Google analytics installed and search for somethi...

6.1CVSS0.5AI score0.01339EPSS
Exploits3
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.343 views

User Post Gallery <= 2.19 - Unauthenticated RCE

The plugin does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it. Invoke the following curl command to execute the "id" command via PHP's exec function: curl -i...

9.8CVSS1.7AI score0.42723EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.108 views

Welcart e-Commerce < 2.8.9 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escapes one of its shortcode attributes, which could allow users with a role as low as a contributor to perform a Stored Cross-Site Scripting attack. 1. Add a product item to the plugin. The item name, for example, "first". You will also use this in the shortcode...

5.4CVSS0.9AI score0.00471EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.137 views

Link Library < 7.4.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Install the plugin and go to:...

4.8CVSS0.6AI score0.0047EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.508 views

Themify Portfolio Post < 1.2.1 - Contributor+ Stored XSS

The plugin does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privileged users such as admin. Exploit...

5.4CVSS0.7AI score0.00534EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.103 views

WP Spell Check < 9.13 - Ignored Word Deletion via CSRF

The plugin does not have CSRF check in place when deleting ignored words, allowing attacker to make a logged in admin delete them via a CSRF attack Make a logged in admin open https://example.com/wp-admin/admin.php?page=wp-spellcheck-ignore.php&delete=4...

2AI score
Exploits0
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.574 views

Tickera < 3.5.1.0- Plugin Data Deletion via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. 1. Navigate to Tickera Settings » Delete info 2. Delete info request intercept like that POST...

4.3CVSS1.3AI score0.00292EPSS
Exploits2
wpexploit
wpexploit
added 2022/12/23 12:0 a.m.73 views

Show All Comments < 7.0.1 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a logged in high privilege users such as admin. Visit the following URL authenticated or not to trigger an alert box:...

6.1CVSS0.2AI score0.00897EPSS
Exploits2
Total number of security vulnerabilities4359