14602 matches found
WPGlobus <= 1.9.6 - Stored XSS & CSRF
The WPGlobus – Multilingual Everything! WordPress plugin was affected by a Stored XSS & CSRF security vulnerability...
WooCommerce <= 3.2.3 - Authenticated PHP Object Injection
Versions 3.2.3 and earlier are affected by an issue where cached queries within shortcodes could lead to object injection. This is related to the recent WordPress 4.8.3 security release. This issue can only be exploited by users who can edit content and add shortcodes, but we still recommend all...
WP Statistics <= 12.0.7 - Authenticated SQL Injection
The WP Statistics WordPress plugin was affected by an Authenticated SQL Injection security vulnerability...
Mail Masta 1.0 - Multiple SQL Injection
Multiple SQL Injection vulnerabilities in Mail Masta Plugin version 1.0 for WordPress. The plugin is still affected and has been closed. PoC Please refer to: https://github.com/hamkovic/Mail-Masta-Wordpress-Plugin...
Headway Theme < 3.8.9 - Authenticated Cross-Site Scripting (XSS)
The headway WordPress theme was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...
WordPress 2.8-4.6 - Path Traversal in Upgrade Package Uploader
...
WordPress 4.5.2 - oEmbed Denial of Service (DoS)
...
Role Scoper <= 1.3.66 - Unauthenticated Reflected Cross-Site Scripting (XSS)
The Role Scoper Obsolete – Please install PublishPress Permissions WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability...
WordPress <= 4.2.3 - Nav Menu Title Cross-Site Scripting (XSS)
...
Broken Link Manager <= 0.4.5 - Unauthenticated SQL Injection & XSS
The Broken Link Manager WordPress plugin was affected by an Unauthenticated SQL Injection & XSS security vulnerability...
FeedWordPress <= 2015.0426 - XSS & SQL-Injection
The FeedWordPress WordPress plugin was affected by a XSS & SQL-Injection security vulnerability...
WPS Hide Login 1.0 - CSRF
CSRF security issue when saving option value in single site and multisite mode...
Shoppette < 1.0.5 - Unspecified XSS
The shoppette WordPress theme was affected by an Unspecified XSS security vulnerability...
WonderPlugin Audio Player 2.0 - Blind SQL Injection & XSS
The wonderplugin-audio WordPress plugin was affected by a Blind SQL Injection & XSS security vulnerability...
PowerPress Podcasting < 6.0.1 - Cross-Site Scripting (XSS)
The PowerPress Podcasting plugin by Blubrry WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability. PoC /wp-admin/admin.php?page=powerpress/powerpressadmincategoryfeeds.php=powerpress-editcategoryfeed=1';"--...
W3 Total Cache <= 0.9.4 - Debug Mode XSS
If debug mode is enabled an XSS vector exists in the HTML comments...
Cart66 Lite 1.5.1.14 - admin.php cart66-products Page Product Manipulation CSRF
The cart66-lite WordPress plugin was affected by an admin.php cart66-products Page Product Manipulation CSRF security vulnerability...
Complete Gallery Manager 3.3.3 - Arbitrary File Upload
The complete-gallery-manager WordPress plugin was affected by an Arbitrary File Upload security vulnerability...
All in One SEO Pack <= 2.0.3 - XSS
The All in One SEO Pack WordPress plugin was affected by a XSS security vulnerability...
uk-cookie - Cross-Site Request Forgery (CSRF)
The uk-cookie WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...
timelineoptinpro - XSS
The timelineoptinpro WordPress plugin was affected by a XSS security vulnerability...
vkontakte-api - vkontakte-api/swf/tagcloud.swf tagcloud Parameter XSS
The VKontakte API – crossposting, comments, social buttons, login WordPress plugin was affected by a vkontakte-api/swf/tagcloud.swf tagcloud Parameter XSS security vulnerability...
Social Discussions - Multiple Path Disclosure
The Social Discussions WordPress plugin was affected by a Multiple Path Disclosure security vulnerability...
WordPress 2.1.1 - Command Execution Backdoor
PoC http://www.example.com/wp-includes/feed.php?ix=phpinfo; http://www.example.com/wp-includes/theme.php?iz=cat /etc/passwd...
portable-phpMyAdmin < 1.3.1 - Authentication Bypass
The portable-phpmyadmin WordPress plugin was affected by an Authentication Bypass security vulnerability...
WP Ultimate Email Marketer - Multiple Vulnerabilities
The wp-ultimate-email-marketer WordPress plugin was affected by a Multiple Vulnerabilities security vulnerability...
WordPress 3.6 - HTML File Upload Cross-Site Scripting (XSS)
...
WordPress 3.5-3.5.1 oEmbed Unspecified XML External Entity (XXE)
...
Photo Gallery by 10Web – Mobile-Friendly Image Gallery < 1.8.24 - Authenticated (Contributor+) Path Traversal via esc_dir Function
Description The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the escdir function. This makes it possible for authenticated attackers to cut and paste copy the contents of arbitrary file...
Hash Form – Drag & Drop Form Builder < 1.1.1 - Unauthenticated Arbitrary File Upload to Remote Code Execution
Description The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fileuploadaction' function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload...
Media Cleaner: Clean your WordPress! < 6.7.3 - Unauthenticated Information Exposure
Description The Media Cleaner: Clean your WordPress! plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.7.2 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information...
RegistrationMagic < 5.3.2.1 - Reflected Cross-Site Scripting
Description The RegistrationMagic – User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 5.3.2.0 due to insufficient input sanitization and output escaping. This makes it possible for...
Blocksy < 2.0.34 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...
Button contact VR <= 4.7 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Click on the "Button contact" and...
ClickCease Click Fraud Protection <= 3.2.6 - Cross-Site Request Forgery
Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an...
WP-Recall – Registration, Profile, Commerce & More < 16.26.6 - Unauthenticated SQL Injection
Description The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 16.26.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...
Popup Box – Best WordPress Popup Plugin < 4.3.7 - Missing Authorization to Information Exposure
Description The Popup Box – Best WordPress Popup Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayspbcreateauthor AJAX action in all versions up to, and including, 4.3.6. This makes it possible for unauthenticated attackers to...
WPBakery Visual Composer < 7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Author
Description The wpbakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Author tag attribute in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor...
Revslider < 6.7.0 - Authenticated (Author+) Stored Cross-Site Scripting
Description The Revslider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg upload in all versions up to, and including, 6.6.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in...
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.12.9 - Unauthenticated Stored Cross-Site Scripting
Description The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'apikey' parameter in all versions up to, and including, 1.12.9 due to insufficient input sanitization and output...
Salon booking system < 9.6.3 - Unauthenticated Stored XSS
Description The plugin does not properly sanitize and escape the 'Mobile Phone' field and 'smsprefix' parameter when booking an appointment, allowing customers to conduct Stored Cross-Site Scripting attacks. The payload gets triggered when an admin visits the 'Bookings' page and the malicious...
My Sticky Bar < 2.6.8 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC You should click on "My Sticky Bar...
Quiz And Survey Master < 8.2.3 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 8.2.2 due to insufficient input sanitization and output escaping. This makes it...
YITH WooCommerce Product Add-Ons < 4.6.0 - Unuathenticated Cross-Site Scripting
Description The YITH WooCommerce Product Add-Ons plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
OxyExtras < 1.4.5 - Unauthenticated Cross-Site Scripting
Description The OxyExtras plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute...
HUSKY – Products Filter for WooCommerce Professional < 1.3.5.3 - Contributor+ SQL Injection
Description The HUSKY – Products Filter for WooCommerce Professional plugin is vulnerable to SQL Injection via the 'name' parameter in the woof shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already...
LiteSpeed Cache < 5.7.0.1 - Unauthenticated CDN Status Update
Description The plugin is vulnerable to unauthorized modification of data due to a missing authorization check on the 'updatecdnstatus' function, allowing unauthenticated attackers to modify the plugin's CDN status...
SoundCloud Shortcode < 4.0.2 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
RSS Aggregator by Feedzy < 4.4.3 - Authenticated(Contributor+) SQL Injection
Description The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to SQL Injection via the ‘searchkey’ parameter in all versions up to, and including, 4.4.2 due to insufficient escaping on the user supplied parameter an...
Beds24 Online Booking < 2.0.24 - Authenticated(Administrator+) Stored Cross-Site Scripting
Description The Beds24 Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.0.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...