Lucene search
K
WpexploitRecent

4359 matches found

wpexploit
wpexploit
•added 2022/05/12 12:0 a.m.•115 views

WordPress Forms by Pie Forms < 1.4.9.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its form fields, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed Create/edit a form, go to the Form Settings - General Settings and put the following payload in the "Form...

4.8CVSS0.1AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/11 12:0 a.m.•141 views

WooCommerce Green Wallet Gateway < 1.0.2 - Reflected Cross Site Scripting in checkout page

The plugin does not escape the errorenvision query parameter before outputting it to the page, leading to a Reflected Cross-Site Scripting vulnerability. 1. Enable greenwallet-gateway as a woocommerce payment gateway 2. add something in your cart and visit the checkout page 3. visit...

6.1CVSS0.6AI score0.00757EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/11 12:0 a.m.•122 views

Database Backup for WordPress < 2.5.2 - Arbitrary Schedule Settings Update via CSRF

The plugin does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. This could lead to cases where attackers can send backup notification emails to themselves, which contain more details. O...

5.8CVSS1AI score0.00402EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/11 12:0 a.m.•151 views

WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users curl 'https://example.com/index.php?restroute=/xs-donate-form/payment-redirect/3' \ --data '"id": "SELECT 1 FROM...

9.8CVSS1.6AI score0.07879EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/11 12:0 a.m.•144 views

Five Minute Webshop <= 1.3.2 - Admin+ SQLi via orderby

The plugin does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection https://example.com/wp-admin/admin.php?page=fmwesproducts&orderby=id+AND+SELECT+7394+FROM+SELECTSLEEP5UrUZ...

4.9CVSS1.5AI score0.00951EPSS
Exploits2References1
wpexploit
wpexploit
•added 2022/05/10 12:0 a.m.•134 views

Easy FAQ with Expanding Text <= 3.2.8.3.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed Put the following payload in any of the plugin's settings such as Font size, Font Color and save: "...

4.8CVSS0.8AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/10 12:0 a.m.•128 views

Quotes llama < 1.0.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape Quotes, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. The attack could also be performed by tricking an admin to import a malicious CSV file Create/edit a quote and put t...

4.8CVSS0.4AI score0.0064EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/10 12:0 a.m.•165 views

WP Statistics < 13.2.2 - Reflected Cross-Site Scripting

The plugin does not sanitise the REQUESTURI parameter before outputting it back in the rendered page, leading to Cross-Site Scripting XSS in web browsers which do not encode characters GET /wp-admin/admin.php?page=wpssettingspage&a=confirm/XSS/ HTTP/1.1 Accept:...

6.1CVSS1.1AI score0.00857EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•133 views

Logo Slider <= 1.4.8 - Admin+ SQLi

The plugin does not sanitise and escape the lspsliderid parameter before using it in a SQL statement via the Manage Slider Images admin page, leading to an SQL Injection https://example.com/wp-admin/admin.php?page=manageimages&lspsliderid=1+AND+SELECT+7741+FROM+SELECTSLEEP5hlAf...

4CVSS1.8AI score0.00764EPSS
Exploits2References1
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•125 views

Slideshow <= 2.3.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its default slideshow settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed As admin, put the following payload in the "Number of seconds the sli...

4.8CVSS0.3AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•115 views

amtyThumb <= 4.2.0 - Subscriber+ SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to an SQL injection and is exploitable by any authenticated user and not just Author+ like the original advisory mention due to the fact that they can execute shortcodes via an AJAX...

8.8CVSS0.8AI score0.0151EPSS
Exploits2References1
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•109 views

Simple Real Estate Pack <= 1.4.8 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed Put the following payload in the plugin's settings such as "Consumer Key": "...

4.8CVSS0.9AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•97 views

No Future Posts <= 1.4 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed Put the following payload in any of the plugin's settings such as Exclude posts IDs and save: " autofocus onfocus=alert/XSS///...

4.8CVSS0.8AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•129 views

Slideshow <= 2.3.1 - Author+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its Slideshow settings, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks As author and above, create/edit a slideshow and put the following payload in the "Number of seconds the slide takes to slide in",...

0.6AI score
Exploits0
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•96 views

HPB Dashboard <= 1.3.1 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. Put the following payload in the plugin's settings: "...

4.8CVSS0.7AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•136 views

BannerMan <= 0.2.4 - Multiple Admin+ Stored Cross-Site Scripting

The plugin does not sanitize or escape its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks when the unfilteredhtml is disallowed such as in multisite As administrator, put the following payloads in the mentioned settings of the plugin...

4.8CVSS4.9AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•116 views

Form Maker By 10Web < 1.14.12 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape the Custom Text settings, which could allow high privilege user such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed In a form settings, put the following payload in the Actions after submission Action Type Custom Tex...

4.8CVSS0.00995EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•174 views

Call&Book Mobile Bar <= 1.2.2 - Admin+ Stored Cross Site Scripting

The plugin does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. Put the following payload in any of the plugin's settings: "...

4.8CVSS0.5AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•137 views

IMDB info box <= 2.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed As administrator, put the following payload in any of the plugin's settings and save: "alert/XSS/;...

4.8CVSS0.4AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•86 views

Birthdays Widget <= 1.7.18 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape some of its fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed As admin, create/edit a Birthday and add the following payload in the Name field:...

4.8CVSS1.1AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•107 views

Five Minute Webshop <= 1.3.2 - Admin+ SQLi via id

The plugin does not sanitise and escape the id parameter before using it in a SQL statement when editing a product via the admin dashboard, leading to an SQL Injection https://example/wp-admin/admin.php?page=fmweseditproduct&id=1+AND+SELECT+6037+FROM+SELECTSLEEP5Uiuu...

4CVSS1.2AI score0.00764EPSS
Exploits2References1
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•111 views

User Meta < 2.4.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape the Form Name, as well as Shared Field Labels before outputting them in the admin dashboard when editing a form, which could allow high privilege users to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed An an admin - Create/edit ...

4.8CVSS0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•137 views

Realty Workstation < 1.0.15 - Agent SQLi

The plugin does not sanitise and escape the transedit parameter before using it in a SQL statement when an agent edit a transaction, leading to an SQL injection As a logged in agent:...

4.9CVSS0.8AI score0.00951EPSS
Exploits2References1
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•115 views

Amazon Link <= 3.2.10 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. Put the following payload in settings such as the "AWS Public Key": "...

4.8CVSS0.6AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•90 views

External Links in New Window / New Tab < 1.43 - Unauthenticated Stored Cross-Site Scripting

The plugin does not properly escape URLs it concatenates to onclick event handlers, which makes Stored Cross-Site Scripting attacks possible. On any post on the affected site, add the following link to a comment: Click here for XSS Click on the link, you should be getting an alert box...

6.1CVSS6AI score0.00757EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•130 views

Note Press <= 0.1.10 - Admin+ SQLi via id

The plugin does not sanitise and escape the id parameter before using it in various SQL statement via the admin dashboard, leading to SQL Injections https://example.com/wp-admin/admin.php?page=NotePress-Main-Menu&action=view&id=17+AND+SELECT+3630+FROM+SELECTSLEEP5KdTt...

4CVSS2.2AI score0.00764EPSS
Exploits2References1
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•131 views

Change wp-admin Login < 1.1.0 - Unauthenticated Arbitrary Settings Update

The plugin does not properly check for authorisation and is also missing CSRF check when updating its settings, which could allow unauthenticated users to change the settings. The attacked could also be performed via a CSRF vector curl --url...

7.5CVSS1.8AI score0.00578EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•164 views

External Links in New Window / New Tab < 1.43 - Tabnabbing

The plugin does not ensure window.opener is set to "null" when links to external sites are clicked, which may enable tabnabbing attacks to occur. Create an external link, check window.opener in the newly opened tab after clicking the external link...

6.5CVSS0.5AI score0.01265EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•80 views

StaffList < 3.1.7 - Reflected Cross-Site Scripting

The plugin does to sanitise and escape a parameter before outputting it back in various places in an admin page, leading to a Reflected cross-Site Scripting v v 3.1.7 - https://example.com/wp-admin/admin.php?page=stafflist&search=aa' style=animation-name:rotation onanimationstart=alert/XSS///...

0.9AI score
Exploits0
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•105 views

Note Press <= 0.1.10 - Admin+ SQLi via Update

The plugin does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection POST /wp-admin/admin.php?page=NotePress-Main-Menu&action=edit&id=17 HTTP/1.1 Accept:...

4CVSS0.8AI score0.00764EPSS
Exploits2References1
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•135 views

CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi

The plugin does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack On a page where the codepeople-image-store is embed, append the following...

9.8CVSS1.6AI score0.1036EPSS
Exploits2References1
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•109 views

Note Press <= 0.1.10 - Admin+ SQLi via Bulk Actions

The plugin does not sanitise and escape the ids from the bulk actions before using them in a SQL statement in an admin page, leading to an SQL injection...

4CVSS1.9AI score0.00764EPSS
Exploits2References1
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•162 views

JivoChat < 1.3.5.4 - Stored Cross-Site Scripting via CSRF

The plugin does not properly check CSRF tokens on POST requests to the plugins admin page, and does not sanitise some parameters, leading to a stored Cross-Site Scripting vulnerability where an attacker can trick a logged in administrator to inject arbitrary javascript. XSS will be triggered when...

5.4CVSS0.9AI score0.00292EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/09 12:0 a.m.•518 views

Team Members < 5.1.1 - Admin+ Stored Cross-Site Scripting

The plugin does not escape some of its Team settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed The teamcolor field ie "Main color" setting of a team is affected POST /wp-admin/post.php HTTP/1.1 Accept:...

4.8CVSS0.2AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/06 12:0 a.m.•118 views

WP 2FA < 2.2.1 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=wp-2fa-settings&settingserror=...

6.1CVSS0.9AI score0.00815EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/04 12:0 a.m.•119 views

Poll Maker < 4.0.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some settings, which could allow high privilege users such as admin to perform Store Cross-Site Scripting attack even when unfilteredhtml is disallowed Put the following payload in any of the Mailchimp integration settings...

4.8CVSS0.7AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/03 12:0 a.m.•104 views

Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update

The plugin does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options POST /wp-admin/admin-ajax.php...

4.3CVSS0.6AI score0.01052EPSS
Exploits3
wpexploit
wpexploit
•added 2022/05/03 12:0 a.m.•236 views

Smush < 3.9.9 - Admin+ Reflected Cross-Site Scripting

The plugin does not sanitise and escape a configuration parameter before outputting it back in an admin page when uploading a malicious preset configuration, leading to a Reflected Cross-Site Scripting. For the attack to be successful, an attacker would need an admin to upload a malicious...

6.1CVSS0.00757EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/03 12:0 a.m.•117 views

Enable SVG < 1.4.0 - Author+ Stored Cross Site Scripting via SVG

The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads As an author or above, upload the below SVG file via the Media library: alert/XSS/; The XSS will be triggered when accessing the file directly, e...

5.4CVSS5.3AI score0.00571EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/03 12:0 a.m.•103 views

StaffList < 3.1.6 - Reflected Cross-Site Scripting

The plugin does to sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected cross-Site Scripting https://example.com/wp-admin/admin.php?page=stafflist&remove=1&p=1%27%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E...

1.3AI score
Exploits0References1
wpexploit
wpexploit
•added 2022/05/03 12:0 a.m.•382 views

VikBooking < 1.5.9 - Reflected Cross-Site Scripting

The plugin does not escape the current URL before putting it back in a JavaScript context, leading to a Reflected Cross-Site Scripting https://example.com/wp-admin/?test%22-alert/XSS/-%22 https://example.com/wp-admin/profile.php?test%22-alert/XSS/-%22...

6.1CVSS0.5AI score0.00757EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/02 12:0 a.m.•204 views

Nirweb support < 2.8.2 - Unauthenticated SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an SQL injection curl https://example.com/wp-admin/admin-ajax.php --data 'action=answerdticket&idform=1 UNION ALL SELECT NULL,NULL,SELECT userpa...

9.8CVSS1.6AI score0.12408EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/02 12:0 a.m.•144 views

Check & Log email < 1.0.6 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting https://example.com/wp-admin/admin.php?page=check-email-settings&tab="...

6.1CVSS0.4AI score0.00757EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/02 12:0 a.m.•223 views

WP Meta SEO < 4.4.7 - Admin+ Stored Cross-Site Scripting via breadcrumbs

The plugin does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed. As admin, put the following payload in the Breadcrumb...

4.8CVSS0.3AI score0.00646EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/02 12:0 a.m.•163 views

StaffList < 3.1.5 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement when searching for Staff in the admin dashboard, leading to an SQL Injection https://example.com/wp-admin/admin.php?page=stafflist&search=test%'+AND+SELECT+42+FROM+SELECTSLEEP5b+AND+'aa%'='aa...

9.8CVSS1.6AI score0.2038EPSS
Exploits2References2
wpexploit
wpexploit
•added 2022/05/02 12:0 a.m.•120 views

Tabs Responsive < 2.2.8 - Editor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape Tab descriptions, which could allow high privileged users with a role as low as editor to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed Create/edit a Tab via the plugin, and put the following payload in a Tab...

4.8CVSS0.5AI score0.00565EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/02 12:0 a.m.•220 views

WP Contacts Manager <= 2.2.4 - Unauthenticated SQLi

The plugin fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to an SQL injection vulnerability. curl 'http://127.0.0.1:8080/wp-admin/admin-ajax.php?action=WPContactsManagercall&type=get-contact' \ --data '"id":"1\u002...

9.8CVSS1AI score0.01568EPSS
Exploits2
wpexploit
wpexploit
•added 2022/05/02 12:0 a.m.•145 views

WP Subscribe < 1.2.13 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its widgets settings, which could allow high privilege users such as admin to perform Cross-Site Scripting even when unfilteredhtml is disallowed Add the widget of the plugin to a page, and put the following payload in settings such as "Title",...

4.8CVSS0.1AI score0.00533EPSS
Exploits1References1
wpexploit
wpexploit
•added 2022/05/02 12:0 a.m.•122 views

StaffList < 3.1.6 - Arbitrary Staff Deletion via CSRF

The plugin does not have CSRF check in place when deleting staff members, which could allow attacker to make a logged in admin perform such action and delete arbitrary staff via a CSRF attack https://example.com/wp-admin/admin.php?page=stafflist&s=last&remove=1&p=1...

4.6AI score
Exploits0References1
wpexploit
wpexploit
•added 2022/04/27 12:0 a.m.•102 views

WP-Invoice <= 4.3.1 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attacker to make a logged in admin update them and change the minimum role allowed to access the plugin's features to subscriber for example, which would make invoices available to any authenticated users...

1.5AI score
Exploits0
Total number of security vulnerabilities4359