Lucene search
K
WpexploitRecent

4359 matches found

wpexploit
wpexploit
added 2022/06/01 12:0 a.m.132 views

Cimy Header Image Rotator <= 6.1.1 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack document.getElementById"test".submit; input ty...

4.3CVSS1.4AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/06/01 12:0 a.m.123 views

Clean-Contact <= 1.6 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS due to the lack of sanitisation and escaping as well ' document.getElementById"test".submit;...

4.3CVSS0.9AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/06/01 12:0 a.m.133 views

Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF

The plugin does not perform CSRF checks in it's ajax endpoints and admin pages, allowing an attacker to trick any logged in user to manipulate or change the plugin settings, as well as create, delete and rename projects and networks. document.getElementById"test".submit;...

4.3CVSS0.5AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/06/01 12:0 a.m.141 views

Icegram < 2.1.8 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some campaign parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks Create/edit a campaign such as a Black Friday one, check the "Use Opt-in / Subscription / Lead capture form" settings and put...

5.4CVSS0.2AI score0.00558EPSS
Exploits2
wpexploit
wpexploit
added 2022/06/01 12:0 a.m.186 views

My Private Site < 3.0.8 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack document.getElementById"test".submit; document.getElementById"test".submit; sc...

4.3CVSS0.8AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/06/01 12:0 a.m.154 views

New User Approve < 2.4 - Arbitrary Settings Update & Invitation Code Creation via CSRF

The plugin does not have CSRF check in place when updating its settings and adding invitation codes, which could allow attackers to add invitation codes for bypassing the provided restrictions and to change plugin settings by tricking admin users into visiting specially crafted websites. Add code...

4.3CVSS2AI score0.00367EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.112 views

WP Post Styling < 1.3.1 - Multiple CSRF

The plugin does not have CSRF checks in various actions, which could allow attackers to make a logged in admin delete plugin's data, update the settings, add new entries and more via CSRF attacks HTMLFormElement.prototype.submit.call document.getElementById"test" ;...

4.3CVSS0.7AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.106 views

CURCY < 2.1.18 - Reflected Cross-Site Scripting

The plugin does not escape some generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=wc-reports&a"alert/XSS/...

0.1AI score
Exploits0
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.414 views

Spectra < 1.25.6 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting When the admin notice about Usage Tracking is displayed: https://example.com/wp-admin/index?a"alert/XSS/...

Exploits0
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.79 views

Visualizer < 3.7.7 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin-ajax.php?action=visualizer-edit-chart&library=yes&chart=6190&tab=visualizer&a"alert/XSS/...

0.5AI score
Exploits0
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.395 views

Video Conferencing with Zoom < 3.9.3 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/edit.php?posttype=zoom-meetings&page=zoom-video-conferencing-settings&a"alert/XSS/...

0.6AI score
Exploits0
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.122 views

MailPress <= 7.2.1 - Arbitrary Settings Update & Log Files Purge via CSRF

The plugin does not have CSRF checks in various places, which could allow attackers to make a logged in admin change the settings, purge log files and more via CSRF attacks document.getElementById"test".submit; input type="text" name="connectionsmtppasswo...

6.5CVSS1AI score0.00502EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.237 views

Germanized for WooCommerce < 3.9.5 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=wc-settings&tab=germanized&a"alert/XSS/...

0.3AI score
Exploits0
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.171 views

WP Sentry <= 1.0 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well ' " document.getElementById"test".submit; "...

4.3CVSS0.8AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.118 views

Age Gate < 2.20.4 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting With the "Age Gate User Registration" addon installed: https://example.com/wp-admin/admin.php?page=age-gate&a"alert/XSS/ With any addon installed:...

0.1AI score
Exploits0
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.123 views

Easy Pricing Tables < 3.2.1 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape parameter before outputting it back in a page available to any user both authenticated and unauthenticated when a specific setting is enabled, leading to a Reflected Cross-Site Scripting With the "Compatibility Mode"...

6.1CVSS0.1AI score0.01388EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.125 views

Tiny Contact Form <= 0.7 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack '' document.getElementById"test".submit;...

4.3CVSS1.4AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/31 12:0 a.m.127 views

OpenBook Book Data <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well " " " " " input type="text" name="action"...

4.3CVSS0.4AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.140 views

Google XML Sitemaps < 4.1.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape a settings before outputting it in the Debug page, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup Put the following payload in the "Try to...

4.8CVSS4.8AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.140 views

Very Simple Contact Form < 11.6 - Captcha bypass

The plugin exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very easy for bots to bypass the captcha check, rendering the page a likely target for spam bots. import requests from requestshtml import HTMLSession...

7.5CVSS7.6AI score0.01163EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.143 views

PDF24 Articles To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack input t...

6.5CVSS0.00513EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.164 views

PDF24 Article To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack input t...

6.5CVSS0.00513EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.128 views

Inline Google Maps <= 5.11 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping ' document.getElementById"test".submit;...

6.5CVSS1AI score0.00513EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.108 views

WP-Email < 2.69.0 - Anti-Spam Protection Bypass via IP Spoofing

The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based anti-spamming restrictions. Set HTTPCLIENTIP, HTTPXFORWARDEDFOR or any of the other headers used in getipaddress. curl...

7.5CVSS1.5AI score0.01105EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.143 views

CaPa Protect <= 0.5.8.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and disable the applied protection. HTMLFormElement.prototype.submit.call document.getElementById"test" ;...

6.5CVSS1AI score0.00513EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.114 views

Print, PDF, Email by PrintFriendly < 5.2.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed In the plugin's settings, tick 'Custom Button' and put the following payload ...

4.8CVSS0.4AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.145 views

Better Find and Replace < 1.3.6 - Admin+ SQLi

The plugin does not properly sanitise, validate and escape various parameters before using them in an SQL statement, leading to an SQL Injection...

7.2CVSS1.9AI score0.01214EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.81 views

New User Approve < 2.4.1 - Reflected Cross-Site Scripting

The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting With the Membership settings /wp-admin/options-general.php disabled: https://example.com/wp-admin/index.php?a"alert/XSS/...

Exploits0
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.117 views

WP-Email < 2.69.0 - Log Deletion via CSRF

The plugin does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack document.getElementById"test".submit;...

6.5CVSS1.3AI score0.00513EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.163 views

Events Made Easy < 2.2.81 - Unauthenticated SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection Obtain a valid nonce visit the "Events" page, default is /events/, and extract it from the source while looking for...

9.8CVSS1.2AI score0.36655EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.213 views

Newsletter < 7.4.6 - Admin+ Stored Cross-Site Scripting

The plugin does not escape and sanitise the preheadertext setting, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfilteredhtml is disallowed Go to Newsletters of Newsletter at wordpress admin panel eg...

4.8CVSS0.3AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.214 views

Coming Soon and Maintenance by Colorlib < 1.0.99 - Admin+ Stored Cross Site Scripting

The plugin does not sanitize and escape some settings, allowing high privilege users such as admin to perform Stored Cross-Site Scripting when unfilteredhtml is disallowed for example in multisite setup Put the following payload in the "Google Analytics" settings of the plugin in the General...

4.8CVSS4.8AI score0.00557EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.126 views

Multi-page Toolkit <= 2.6 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well ' input typ...

5.4CVSS0.3AI score0.00292EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/30 12:0 a.m.126 views

Amazon Einzeltitellinks <= 1.3.3 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping ' document.getElementById"test".submit;...

6.5CVSS1.2AI score0.00393EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/27 12:0 a.m.141 views

Plausible Analytics < 1.2.4 - Subscriber+ Arbitrary Settings Update

The plugin has a flawed logic when checking for authorisation and CSRF before updating its settings, allowing any authenticated users, such as subscriber, to update the plugin's settings. The attack is also possible via CSRF against any authenticated user. POST /wp-admin/admin-ajax.php HTTP/1.1...

0.5AI score
Exploits0
wpexploit
wpexploit
added 2022/05/26 12:0 a.m.165 views

Post Grid, Slider & Carousel Ultimate < 1.5.0 - Admin+ Stored XSS

The plugin does not sanitise and escape the Header Title, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Create a new Grid/Caroussel, in the General Settings, enable "Display Header Title" and put the following...

4.8CVSS0.1AI score0.00552EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/26 12:0 a.m.148 views

Seamless Donations < 5.1.9 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack document.getElementById"test".submit; Some link: https://google.com input type="text" name="dgxdonateemailanon" value="You have requested th...

6.5CVSS0.4AI score0.00513EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/26 12:0 a.m.137 views

underConstruction < 1.21 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise or escape the "Display a custom page using your own HTML" setting before outputting it, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiletredhtml capability is disallowed. In the plugin's settings, active Under Contraction...

4.8CVSS4.8AI score0.00552EPSS
Exploits2References1
wpexploit
wpexploit
added 2022/05/26 12:0 a.m.148 views

Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRF

The plugin does not have CSRF check in place when deleting subscribed users, which could allow attackers to make a logged in admin perform such action and delete arbitrary users from the subscribed list document.getElementById"test".submit;...

4.3CVSS1.9AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/26 12:0 a.m.129 views

underConstruction < 1.20 - Construction Mode Deactivation via CSRF

The plugin does not have CSRF check in place when deactivating the construction mode, which could allow attackers to make a logged in admin perform such action via a CSRF attack...

4.3CVSS2.8AI score0.00412EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/24 12:0 a.m.490 views

Ocean Extra < 1.9.5 - Reflected Cross-Site Scripting

The plugin does not escape generated links which are then used when the OceanWP theme is active, leading to a Reflected Cross-Site Scripting issue https://example.com/wp-admin/?step=demo&page=owpsetup&a"alert/XSS/...

6.1CVSS0.9AI score0.01355EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/24 12:0 a.m.208 views

Rating by BestWebSoft < 1.6 - Rating Denial of Service

The plugin does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such rating Under Settings - Discussion, uncheck "Comment must be manually approved" Install and Enable Rating BestWebSoft plugin Change "Enable...

6.5CVSS6.5AI score0.01176EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/23 12:0 a.m.163 views

Appointment Hour Booking < 1.3.56 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed. Create/edit a calendar, and put the following payload in the "Additional CSS Class" settings of a...

4.8CVSS4.8AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/23 12:0 a.m.177 views

New User Email Set Up <= 0.5.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack document.getElementById"test".submit;...

6.5CVSS0.5AI score0.00513EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/23 12:0 a.m.114 views

postTabs <= 2.10.6 - Arbitrary Settings Update via CSRF to Stored XSS

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, which also lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping ' document.getElementById"test".submit;...

5.4CVSS0.7AI score0.00292EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/23 12:0 a.m.146 views

Peter’s Collaboration E-mails <= 2.2.0 - Arbitrary Settings Update via CSRF

The plugin is vulnerable to CSRF due to missing nonce checks. This allows the change of its settings, which can be used to lower the required user level, change texts, the used email address and more. input type="text" name="pceemailstosend...

6.5CVSS0.2AI score0.00502EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/23 12:0 a.m.124 views

Core Control <= 1.2.1 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack document.getElementById"test".submit; document.getElementById"test".submit;...

1.4AI score0.00285EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/23 12:0 a.m.115 views

Static Page eXtended <= 2.1 - Arbitrary Settings Update via CSRF to Stored XSS

Due to missing checks the plugin is vulnerable to CSRF attacks which allows changing the plugin settings, including required user levels for specific features. This could also lead to Stored Cross-Site Scripting due to the lack of escaping in some of the settings...

5.4CVSS5.3AI score0.00292EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/23 12:0 a.m.153 views

Filr - Secure Document Library < 1.2.2.1 - Subscriber+ AJAX Calls

The plugin does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload arbitrary HTML files as well as...

8.8CVSS8.7AI score0.01263EPSS
Exploits2
wpexploit
wpexploit
added 2022/05/23 12:0 a.m.132 views

WP Admin Style <= 0.1.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed Put the following payload in the CSS settings of the plugin:...

4.8CVSS0.6AI score0.00565EPSS
Exploits2
Total number of security vulnerabilities4359