Lucene search
K
WpexploitRecent

4359 matches found

wpexploit
wpexploit
•added 2022/06/16 12:0 a.m.•120 views

WooCommerce - Product Importer <= 1.5.2 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting POST /wp-admin/admin.php?page=woopi&tab=import HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8...

6.1CVSS0.2AI score0.00661EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/15 12:0 a.m.•491 views

Ninja Forms < 3.6.11 - Unauthenticated PHP Object Injection

The plugin does not validate merge tags provided in the request, which could allow unauthenticated attackers to call any static method present in the blog. One from the plugin in particular could allow for PHP Object Injection when a suitable gadget is also present on the blog. Attackers have bee...

8AI score
Exploits0References2
wpexploit
wpexploit
•added 2022/06/15 12:0 a.m.•96 views

Sharebar <= 1.4.1 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and also lead to Stored Cross-Site Scripting issue due to the lack of sanitisation and escaping in some of them test1" test2"...

5.4CVSS0.3AI score0.00261EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/15 12:0 a.m.•119 views

Core Plugin for Kitestudio Themes < 2.3.1 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected Cross-Site Scripting. Install and active the...

6.1CVSS0.4AI score0.00657EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/15 12:0 a.m.•648 views

eaSYNC < 1.1.16 - Unauthenticated Arbitrary File Upload

The plugin suffers from insufficient input validation which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessible to unauthenticated users is affected by this issue. An allowlist of valid file extensions is defined but is not used during the validatio...

9.8CVSS1.2AI score0.17572EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/15 12:0 a.m.•103 views

Photo Gallery by Supsystic < 1.15.6 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

5.4CVSS1.9AI score0.00366EPSS
Exploits1
wpexploit
wpexploit
•added 2022/06/15 12:0 a.m.•124 views

Pagebar < 2.70 - Arbitrary Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Furthermore, due to the lack of sanitisation in some of them, it could also lead to Stored XSS issues ' input type="text" name="postaftloop...

5.4CVSS1.1AI score0.00296EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•114 views

Easy Testimonials < 3.9 - Reflected Cross-Site Scripting

The plugin, when used along the Pro version, does not escape an URL before outputting it back in an attribute, leading to Reflected Cross-Site Scripting With the pro version installed and when consent hasn't been given yet:...

7.1AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•99 views

Clearfy Cache < 2.0.5 - Reflected Cross-Site Scripting

The plugin does not escape some generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting When Disable assets manager on back-end" is off: https://example.com/wp-admin/admin.php?page=gonzales-wbcrclearfy&action=index&wbcrassetsmanager=1&a"alert/XSS/...

0.1AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•96 views

ShortPixel Image Optimizer < 4.22.10 - Reflected Cross-Site Scripting

The plugin does not escape a generated URLs before outputting them back in an attribute, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/options-general.php?page=wp-shortpixel-settings&"alert/XSS/...

0.1AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•85 views

404 to 301 < 3.1.2 - Reflected Cross-Site Scripting

Description The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=jj4t3-logs&a"alert/XSS/...

6.6AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•85 views

Modula Image Gallery < 2.6.7 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/edit.php?posttype=modula-gallery&page=modula-addons&a"alert/XSS/ Other URLs are affected...

Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•90 views

WooCommerce Menu Cart < 2.12.0 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting When there is no shop active yet: https://example.com/wp-admin/index.php?a"alert/XSS/...

0.2AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•166 views

Woody Code Snippets < 2.4.6 - Reflected Cross-Site Scripting

The plugin does not escape a generated URLs before outputting them back in an attribute, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/edit.php?posttype=wbcr-snippets&page=import-wbcrinsertphp&a"alert/XSS/...

0.3AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•119 views

WooCommerce PDF Invoices & Packing Slips < 2.15.0 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=wpowcpdfoptionspage&tab=documents&section=invoice&"alert/XSS/...

1AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•134 views

Checkout Fields Manager for WooCommerce < 5.5.7 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=wc-settings&tab=wooccm&section=advanced&"--alert/XSS/...

0.4AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•83 views

WordPress Real Cookie Banner < 2.18.2 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting When there is the notice about the updated template: https://example.com/wp-admin/index.php?a"alert/XSS/...

0.3AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•483 views

WP All Export < 1.3.6 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https;?/example.com/wp-admin/admin.php?page=pmxe-admin-manage&a"alert/XSS/...

0.2AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/14 12:0 a.m.•93 views

Gravity PDF < 6.3.1 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=gfeditforms&view=settings&subview=pdf&id=1&a'alert/XSS/...

0.4AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/13 12:0 a.m.•143 views

WP Contact Slider < 2.4.7 - Editor+ Stored Cross-Site Scripting

The plugin does not sanitize and escape the Text to Display settings of sliders, which could allow high privileged users such as editor and above to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed Create/edit a Slider, select the "text or HTML" for the " What would...

4.8CVSS4.7AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/13 12:0 a.m.•1059 views

Elementor < 3.5.6 - DOM Reflected Cross-Site Scripting

The plugin does not sanitise and escape user input appended to the DOM via malicious Lightbox settings, resulting in a DOM Cross-Site Scripting issue...

6.1CVSS1.2AI score0.2318EPSS
Exploits7References1
wpexploit
wpexploit
•added 2022/06/13 12:0 a.m.•93 views

Gallery < 2.0.0 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue...

6.1CVSS1AI score0.01626EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/13 12:0 a.m.•117 views

Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape field labels, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. As admin, put the following payload in a field label: The XSS will be triggered when editing the form, as well as in...

4.8CVSS1.2AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/10 12:0 a.m.•153 views

Ninja Forms < 3.6.10 - Admin+ Stored Cross-Site Scripting via Import

The plugin does not sanitize and escape some imported data, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. - Make a test form and then export it to your system. - Edit the file and enter an XSS payload like "img src=x...

4.8CVSS0.9AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•159 views

WordPress Security < 4.2.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup Put the following payload in the...

4.8CVSS0.7AI score0.00548EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•152 views

miniOrange's Google Authenticator < 5.5.6 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup Enable 2FA + Website Security and put...

4.8CVSS0.4AI score0.00548EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•127 views

Limit Login Attempts < 4.0.72 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup Put the following payload in the...

4.8CVSS0.7AI score0.00848EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•141 views

Google Authenticator < 1.0.8 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed Put the following payload in the Account Name settings and click on the 'Change App name' button: " autofocus onfocus=alert/XSS//...

4.8CVSS1.6AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•147 views

miniOrange Google Authenticator < 1.0.5 - CSRF to Stored Cross-Site Scripting

The plugin does not have CSRF check when saving its settings, and does not sanitise as well as escape them, allowing attackers to make a logged in admin change them and perform Cross-Site Scripting attacks v ' / v...

4.3CVSS0.5AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•210 views

NextCellent Gallery <= 1.9.35 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its image settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup Create/edit a gallery with at least one image, pu...

4.8CVSS4.7AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•141 views

Nested Pages < 3.1.21 - Admin+ Stored Cross Site Scripting

The plugin does not escape and sanitize the some of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfilteredhtml is disallowed Put the following payload on the "Menu Name" settings of the plugin: "onmouseover=alert"XSS"//...

4.8CVSS1.4AI score0.00625EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•177 views

Login using WordPress Users < 1.13.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup Put the following payload in the "IDP Metadata" "IdP...

4.8CVSS4.7AI score0.00625EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•125 views

Site Offline or Coming Soon <= 1.6.6 - Stored Cross-Site Scripting via CSRF

The plugin does not have CSRF check in place when updating its settings, and it also lacking sanitisation as well as escaping in some of them. As a result, attackers could make a logged in admin change them and put Cross-Site Scripting payloads in them via a CSRF attack "...

6.1CVSS1AI score0.00739EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•118 views

Qubely < 1.8.1 - Authenticated Arbitrary Settings Update

The plugin does not have proper authorisation when saving its settings, allowing users with a role as low as subscriber in versions 1.7.9 or contributor in v 1.8.1 to update them As a subscriber Nonce can be taken from the qubelylocalscript-js-extra script on the homepage...

1AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•155 views

miniOrange's Malware Scanner < 4.5.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup Put the following payload in the...

4.8CVSS0.8AI score0.00548EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/06 12:0 a.m.•215 views

XCloner < 4.3.6 - Plugin Settings Reset

The plugin does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key. v4.3.5 added capability check, but CSRF one still missing. v...

4.3CVSS1.1AI score0.00283EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/03 12:0 a.m.•143 views

Form - Contact Form <= 1.2.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape Custom text fields, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed Create/edit a form, add a Custom Text field, put the following payload in it: alert/XSS/, save the field...

4.8CVSS0.1AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/03 12:0 a.m.•141 views

Image Gallery - Grid Gallery < 1.1.6 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its Image fields, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed Create a gallery with the "Gallery Theme" set to "Gallery Image 2", add an image and put the...

4.8CVSS0.2AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•106 views

HTML2WP <= 1.0.0 - Subscriber+ Arbitrary File Deletion

The plugin does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file To delete the license.txt at the root of the blog: await...

8.1CVSS0.4AI score0.00532EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•583 views

WP Ultimate CSV Importer < 6.5.3 - Admin+ Blind SSRF

The plugin does not fully validate the file to be imported via an URL before making an HTTP request to it, which could allow high privilege users such as admin to perform Blind SSRF attacks Put an internal/LAN URL such as below in the file upload by URL function https://127.0.0.1:8080...

7.2CVSS1.3AI score0.0126EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•144 views

Co-Authors-Plus 3.5/3.5.1 - Guest Authors Email Address Disclosure

The plugin introduced an information disclosure vulnerability specifically, the e-mails of guest authors via a public REST endpoint accessible without any authentication https://example.com/wp-json/wp/v2/coauthors...

2.5AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•125 views

HTML2WP <= 1.0.0 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them input type=...

4.3CVSS1.8AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•168 views

Mihdan: No External Links < 5.0.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup Put the following payload in any of the text field...

4.8CVSS4.7AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•115 views

Browser and Operating System Finder <= 1.2 - Unauthenticated Settings Reset

The plugin does not have authorisation and CSRF check when resetting its settings, allowing unauthenticated users to reset them https://example.com/?type=reset-all...

3.4AI score
Exploits0
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•152 views

Flower Delivery by Florist One <= 3.5.15 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setups As admin, go to the plugin's settings, create a new...

4.8CVSS0.1AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•100 views

Dokan < 3.6.4 - Vendor Stored Cross-Site Scripting

The plugin allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators. As a vendor, add a review in any products with following payload: https://youtu.be/gGUNSG5s5JU...

1AI score0.00491EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•133 views

HTML2WP <= 1.0.0 - Unauthenticated Arbitrary File Upload

The plugin does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers can upload arbitrary files such as PHP on the remote server await fetch"https://example.com/wp-admin/admin.php?page=html2wp-settings", "headers":...

9.8CVSS0.8AI score0.11866EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/02 12:0 a.m.•134 views

Ultimate WooCommerce CSV Importer <= 2.0 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the imported data before outputting it back in the page, leading to a Reflected Cross-Site Scripting POST /wp-admin/admin.php?page=simple-woocommerce-csv-loader%2Fadmin%2FCSVLoader.php HTTP/1.1 Accept:...

6.1CVSS6.2AI score0.00739EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/01 12:0 a.m.•167 views

Add Post URL <= 2.1.0 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping " document.getElementById"test".submit; XSS will be...

4.3CVSS0.5AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
•added 2022/06/01 12:0 a.m.•503 views

Easy SVG Support < 3.3.0 - Author+ Stored Cross Site Scripting via SVG

The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads As an author or above, upload the below SVG file via the Media library: alert/XSS/; The XSS will be triggered when accessing the file directly, e...

5.4CVSS5.3AI score0.00558EPSS
Exploits2
Total number of security vulnerabilities4359