14602 matches found
Ninja Forms <= 3.3.13 - CSV Injection
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a CSV Injection security vulnerability...
Loginizer 1.3.8-1.3.9 - Unauthenticated Stored Cross-Site Scripting (XSS)
Versions 1.3.8 to 1.3.9 the Loginizer WordPress Plugin were found to be vulnerable to Stored Cross-Site Scripting XSS. The vulnerability was due to the Plugin’s logging functionality using the $SERVER'REQUESTURI' PHP variable to create a URL string that was logged to the database without any inpu...
Contact Form 7 to Database Extension 2.10.32 - CSV Injection
Note: The plugin has been closed on WP and moved to Github https://github.com/mdsimpson/contact-form-7-to-database-extension/releases...
WordPress 3.7-4.9.1 - MediaElement Cross-Site Scripting (XSS)
Description An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for most use cases, they have been removed from WordPress...
WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
...
User Login History <= 1.5 - Cross-Site Scripting (XSS)
The User Login History WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...
WordPress 2.5.0-4.7.4 - Post Meta Data Values Improper Handling in XML-RPC
...
DTracker 1.5 - Multiple Unauthenticated Blind SQL Injections
The dtracker WordPress plugin was affected by a Multiple Unauthenticated Blind SQL Injections security vulnerability...
WordPress 4.2.0-4.7.1 - Press This UI Available to Unauthorised Users
...
mTouch Quiz <= 3.1.2 - Multiple Vulnerabilities XSS & CSRF
The mTouch Quiz WordPress plugin was affected by a Multiple Vulnerabilities XSS & CSRF security vulnerability...
WP Polls < 2.72 - SQL Injection
The WP-Polls WordPress plugin was affected by a SQL Injection security vulnerability...
Easing Slider <= 2.2.0.6 - 2 x Cross-Site Scripting (XSS)
The Easing Slider WordPress plugin was affected by a 2 x Cross-Site Scripting XSS security vulnerability...
Ninja Forms <= 2.8.8 - Stored & Reflected XSS
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Stored & Reflected XSS security vulnerability...
Pie Register - wp-login.php Multiple Parameter XSS
The Pie Register – User Registration Forms. Invitation based registrations, Custom Login, Payments WordPress plugin was affected by a wp-login.php Multiple Parameter XSS security vulnerability...
grou-r&om-image-widget - Full Path Disclosure
The grou-random-image-widget WordPress plugin was affected by a Full Path Disclosure security vulnerability...
WordPress 3.1 - PCRE Library Remote DoS
...
Welcart e-Commerce 1.3.12 - purchase_limit Parameter DOM-based XSS
The Welcart e-Commerce WordPress plugin was affected by a purchaselimit Parameter DOM-based XSS security vulnerability...
WordPress 3.4-3.5.1 DoS in class-phpass.php
...
WordPress Poll <= 34.05 - SQL Injection
The WordPress Poll WordPress plugin was affected by a SQL Injection security vulnerability...
Simple Gmail Login < 1.1.4 - FPD
The Simple Gmail Login WordPress plugin was affected by a FPD security vulnerability...
Photo Gallery by 10Web <= 1.8.25 - Missing Authorization
Description The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.8.25. This makes it possible for authenticated attackers, with Subscriber-level...
Survey Maker – Best WordPress Survey Plugin < 3.6.4 - Unauthenticated Stored Cross-Site Scripting
Description The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in all versions up to, and including, 3.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...
XML Sitemap & Google News < 5.4.9 - Unauthenticated Local File Inclusion
Description The XML Sitemap & Google News plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.4.8 via the 'feed' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...
WooCommerce Amazon Affiliates - Wordpress Plugin <= 14.0.10 - Unauthenticated SQL Injection
Description The WZone plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 14.0.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...
XStore < 9.3.9 - Unauthenticated Local File Inclusion
Description The theme is vulnerable to Local File Inclusion, allowing unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution...
XStore Core <= 5.3.5 - Unauthenticated Privilege Escalation
Description The XStore Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.3.5. This makes it possible for unauthenticated attackers to gain higher privileged access to a vulnerable site...
Zynith SEO <= 7.4.9 - Unauthenticated Stored Cross-Site Scripting
Description The Zynith SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 7.4.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that...
Forminator < 1.15.4 - Reflected Cross-Site Scripting
Description The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.15.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
LearnPress – WordPress LMS Plugin < 4.2.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the id value in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
Ovic Addon Toolkit <= 2.6.1 - Missing Authorization
Description The Ovic Addon Toolkit plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 2.6.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...
Multiple Page Generator Plugin – MPG < 3.4.1 - Cross-Site Request Forgery
Description The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4.0. This is due to missing or incorrect nonce validation on the deleteproject action. This makes it possible for unauthenticated attackers to...
Essential Grid < 3.1.2 - Unauthenticated Private Post Disclosure
Description The Essential Grid Gallery WordPress Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.1 via the onfrontajaxaction function. This makes it possible for unauthenticated attackers to view private and password protected...
File Manager < 7.2.6 - Authenticated (Administrator+) Directory Traversal
Description The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fmdownloadbackup function. This makes it possible for authenticated attackers, with administrator access and above, to read the contents of arbitrary zip file...
Slider by Supsystic < 1.8.11 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Slider by Supsystic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.10 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Aparat for WordPress < 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Aparat for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, t...
Ultimate Addons for Beaver Builder – Lite < 1.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Separator Widget
Description The Ultimate Addons for Beaver Builder – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Separator widget in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...
Easy Social Feed < 6.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via fb_appid
Description The Easy Social Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘fbappid' parameter in versions up to, and including, 6.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WP ERP <= 1.12.9 - Authenticated (AccountingManager+) SQL Injection
Description The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to time-based SQL Injection via the id parameter via the erp/v1/accounting/v1/vendors/1/products/ REST route in all versions up to, and including, 1.12.9...
The Plus Addons for Elementor < 5.4.2 - Contributor+ LFI
Description The plugin is vulnerable to Local File Inclusion via the Team Member Listing and Clients widgets. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code i...
Paid Memberships Pro < 3.0 - Cross-Site Request Forgery
Description The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.10. This is due to missing nonce validation on the pmproliftersavestreamlineoption...
Premmerce Permalink Manager for WooCommerce < 2.3.11 - Unauthenticated Local File Inclusion
Description The Premmerce Permalink Manager for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.3.10. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of...
Avada < 7.11.7 - Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_action
Description The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.11.6 via the formtourlaction function. This makes it possible for authenticated attackers, with contributor-level access and...
Ultimate Member < 2.8.4 - Unauthenticated Stored Cross-Site Scripting
Description The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in all versions up to, and including, 2.8.3 due to insufficient input...
Visual Composer Premium < 45.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Visual Composer Website Builder, Landing Page Builder, Custom Theme Builder, Maintenance Mode & Coming Soon Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom fields in all versions up to, and including, 45.6.0 due to insufficient input...
InstaWP Connect < 0.1.0.10 - Missing Authorization to Sensitive Information Dislcosure
Description The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in all versions up to, and including, 0.1.0.9. This makes it possible for authenticated attackers, with subscriber-level access and...
AI Engine: ChatGPT Chatbot < 1.9.99 - Unauthenticated Arbitrary File Upload
Description The plugin is vulnerable to arbitrary file uploads due to missing file type validation in the 'restupload' function in all versions up to, and including, 1.9.98. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make...
Beds24 Online Booking < 2.0.25 - Contributor+ Stored XSS
Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...
Seraphinite Accelerator < 2.20.48 - Unauthenticated Sensitive Information Exposure via Log File
Description The plugin is vulnerable to Sensitive Information Exposure, allowing unauthenticated attackers to extract sensitive user or configuration data from log files...
Barcode Scanner with Inventory & Order Manager < 1.5.2 - Unauthenticated SQL Injection via userToken
Description The Simple Inventory Management – just scan barcode to manage products and orders. For WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘userToken’ parameter in all versions up to 1.5.2 exclusive due to insufficient escaping on the user supplied parameter and la...
BookingPress < 1.0.75 - Unauthenticated Booking Price Manipulation
Description The plugin does not have proper validation in its bookingpressconfirmbooking, allowing unauthenticated user to modify the price of an appointment...