Lucene search
K
WpvulndbMost viewed

14603 matches found

WPVulnDB
WPVulnDB
added 2024/03/05 12:0 a.m.24 views

Simple Membership < 4.4.3 - Unauthenticated Stored Self-Based Cross-Site Scripting

Description The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Display Name' parameter in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

6.1CVSS6.1AI score0.00867EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/28 12:0 a.m.24 views

WPvivid Backup for MainWP < 0.9.33 - Reflected Cross-Site Scripting

Description The WPvivid Backup for MainWP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 0.9.32 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

6.1CVSS6.5AI score0.0061EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/28 12:0 a.m.24 views

Events Manager < 6.4.7 - Authenticated(Administator+) Stored Cross-Site Scripting via settings

Description The Events Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 6.4.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-leve...

4.8CVSS5.9AI score0.00685EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/28 12:0 a.m.24 views

Download Media <= 1.4.2 - Missing Authorization via generate_link_for_media

Description The Download Media plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'generatelinkformedia' function in versions up to, and including, 1.4.2. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS6.3AI score0.00439EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.24 views

Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan < 4.52 - Missing Authorization to Unauthenticated IP Address Whitelist

Description The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihackeraddwhitelist function in all versions up to, and including, 4.51...

6.5CVSS6.7AI score0.00378EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/27 12:0 a.m.24 views

Conversios < 7.0.8 - Subscriber+ SQL Injection

Description The plugin is vulnerable to SQL Injection via the 'valueData' parameter due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above,...

8.8CVSS8.8AI score0.00828EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/25 12:0 a.m.24 views

WP Activity Log < 4.6.2 - Unauthenticated Stored Cross-Site Scripting

Description The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user agent header in versions up to, and including, 4.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

6.8CVSS5.8AI score0.00331EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/23 12:0 a.m.24 views

Heureka < 1.1.0 - Cross-Site Request Forgery

Description The plugin is vulnerable to Cross-Site Request Forgery. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unknown action granted they can trick a site administrator into performing an action...

4.3CVSS4.8AI score0.00277EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/22 12:0 a.m.24 views

Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio <= 3.6.4 - Authenticated (Contributor+) PHP Object Injection

Description The Play.ht – Make Your Blog Posts Accessible With Text to Speech Audio plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.6.4 via deserialization of untrusted input from the playpodcastdata post meta. This makes it possible for...

8.8CVSS7.4AI score0.0099EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/21 12:0 a.m.24 views

Sassy Social Share < 3.3.57 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.4CVSS6.1AI score0.00474EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/20 12:0 a.m.24 views

WP Setup Wizard < 1.0.8.2 - Authenticated (Subscriber+) Full Database Download

Description The WP Setup Wizard plugin for WordPress is vulnerable to unauthorized access of datadue to a missing capability check in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to download the entire...

6.5CVSS6.3AI score0.00644EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/16 12:0 a.m.24 views

My Private Site < 3.1.0 - Improper Access Control to Sensitive Information Exposure via REST API

Description The My Private Site plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.14 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's site privacy feature and view restricted page and post...

5.3CVSS5.1AI score0.00461EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/12 12:0 a.m.24 views

Login Lockdown – Protect Login Form < 2.09 - Subscriber+ Options Leak

Description The plugin does not prevent logged-in users of any role e.g. subscribers from leaking its settings, which may include allowlisted IP addresses as well as a global unlock key, with which they could add their own IP address to the plugin's list. PoC As a logged-in subscriber, visit the...

5.4CVSS9.3AI score0.00393EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/09 12:0 a.m.24 views

Awesome Support – WordPress HelpDesk & Support Plugin < 6.1.8 - Missing Authorization via editor_html()

Description The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editorhtml function in all versions up to, and including, 6.1.7. This makes it possible for authenticated attackers, wit...

5CVSS6.5AI score0.004EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/09 12:0 a.m.24 views

CP Polls < 1.0.72 - Unauthenticated Content Injection

Description The Polls CP plugin for WordPress is vulnerable to content injection in all versions up to, and including, 1.0.71. This is due to insufficient validation on poll answers. This makes it possible for unauthenticated attackers to inject arbitrary content...

5CVSS7.1AI score0.00413EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/08 12:0 a.m.24 views

CP Polls < 1.0.72 - Unauthenticated Poll Limit Bypass

Description The Polls CP plugin for WordPress is vulnerable to Poll Limit Bypass in all versions up to, and including, 1.0.71. This is due to insufficient controls on on the voting system. This makes it possible for unauthenticated attackers to vote multiple times...

5CVSS6.7AI score0.0042EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/08 12:0 a.m.24 views

WP SMS < 6.5.3 - Reflected Cross-Site Scripting via 'page'

Description The WP SMS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in versions up to, and including, 6.5.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.8CVSS6.5AI score0.00375EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/07 12:0 a.m.24 views

Booking Calendar < 9.9.1 - Unauthenticated SQL Injection

Description The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendarrequestparamsdatesddmmyycsv' parameter in all versions up to, and including, 9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

9.8CVSS7.5AI score0.03151EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/06 12:0 a.m.24 views

TablePress < 2.2.5 - Authenticated(Author+) Server Side Request Forgery(SSRF) via _get_import_files

Description The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to and including 2.2.4 via the 'getimportfiles' function. This makes it possible for authenticated attackers, with author access and above, to make web...

3.3CVSS5.3AI score0.00549EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/02 12:0 a.m.24 views

Spiffy Calendar < 4.9.9 - Broken Access Control

Description The plugin doesn't check the eventauthor parameter, and allows any user to alter it when creating an event, leading to deceiving users/admins that a page was created by a Contributor+. PoC Using a Contributor+ account and a proxy interceptor such as Burp Suite, create an event. Change...

6.4AI score0.00482EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/31 12:0 a.m.24 views

Cookie Information < 2.0.23 - Subscriber+ Arbitrary Options Update

Description The plugin is vulnerable to arbitrary option updates due to a missing capability check on its AJAX request handler, allowing any authenticated users, such as subscriber to update arbitrary site options PoC Run the below command in the developer console of the web browser while being o...

6.5CVSS8.7AI score0.0147EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/31 12:0 a.m.24 views

Contact Form Entries < 1.3.3 - Admin+ Arbitrary File Upload

Description The plugin is vulnerable to arbitrary file uploads due to insufficient file validation on the 'viewpage' function, allowing authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code...

5.8CVSS7.7AI score0.01219EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/26 12:0 a.m.24 views

Form-Maker (twb_form-maker) < 1.15.22 - CSRF to limited RCE

Description The plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation on the 'execute' function. This makes it possible for unauthenticated attackers to execute arbitrary methods in the 'BoosterController' class via a forged request granted they can trick...

6.8CVSS7.2AI score0.00229EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/25 12:0 a.m.24 views

10Web AI Assistant – AI content writing assistant < 1.0.19 - Missing Authorization to Arbitrary Plugin Installation

Description The 10Web AI Assistant – AI content writing assistant plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the installplugin AJAX action in all versions up to, and including, 1.0.18. This makes it possible for authenticated...

6.5CVSS6.5AI score0.01365EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/24 12:0 a.m.24 views

Paid Memberships Pro < 2.12.8 - Cross-Site Request Forgery

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

5CVSS6.9AI score0.00951EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/24 12:0 a.m.24 views

ChatBot < 5.1.1 - Unauthenticated PHP Object Injection

Description The ChatBot with AI plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.1.0 via deserialization of untrusted input via the lastfiveprompt cookies. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain i...

7.5CVSS7.4AI score0.00519EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/23 12:0 a.m.24 views

WolfNet IDX for WordPress <= 1.19.1 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. In the settings of the plugin,...

7.8AI score0.00305EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2024/01/20 12:0 a.m.24 views

Import and export users and customers < 1.24.7 - Missing Authorization via fire_cron REST endpoint

Description The plugin is vulnerable to unauthorized modification of data due to an improper capability check on the firecron function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to trigger the plugin's cron job...

6.6AI score0.00317EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/20 12:0 a.m.24 views

Getwid – Gutenberg Blocks < 2.0.5 - Missing Authorization to Recaptcha API Key Modification

Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the recaptchaapikeymanage function in all versions up to, and including, 2.0.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to add, modify...

4.3CVSS6.3AI score0.00428EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/19 12:0 a.m.24 views

BA Plus <= 1.0.3 - Reflected Cross-Site Scripting

Description The BA Plus plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.1CVSS6.2AI score0.00331EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/01/18 12:0 a.m.24 views

EditorsKit < 1.40.4 - Authenticated (Administrator+) Arbitrary File Upload

Description The EditorsKit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'importstyles' function in versions up to, and including, 1.40.3. This makes it possible for authenticated attackers with administrator-level capabilities or above, t...

7.2CVSS7.6AI score0.0155EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/15 12:0 a.m.24 views

Barcode Scanner with Inventory & Order Manager < 1.5.2 - Unauthenticated Arbitrary File Upload via uploadFile

Description The Simple Inventory Management – just scan barcode to manage products and orders. For WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadFile' function in all versions up to, and including, 1.5.1. This makes it...

10CVSS8.2AI score0.00631EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/12 12:0 a.m.24 views

WooCommerce Tranzila Gateway <= 1.0.8 - Unauthenticated PHP Object Injection

Description The Woocommerce Tranzila Payment Gateway plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.8 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No POP chain is present ...

10CVSS7.4AI score0.00645EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/01/12 12:0 a.m.24 views

Booster Plus for WooCommerce < 7.1.2 - Missing Authorization to Order Information Disclosure

Description The Booster Plus for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on an unknown function in all versions up to 7.1.2 exclusive. This makes it possible for authenticated attackers, with susbcriber-level access and above...

6.5CVSS6.3AI score0.00529EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/10 12:0 a.m.24 views

EventON (Free < 2.2.8, Premium < 4.5.6) - Unauthenticated Arbitrary Post Metadata Update

Description The plugins do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the plugin, allowing unauthenticated users to update arbitrary post metadata. Note: Such issue could lead to Unauthenticated Stored XSS due to the lack of sanitisation in...

6.1CVSS5.9AI score0.00373EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.24 views

ARMember < 4.0.11 - Subscriber+ Privilege Escalation

Description The plugin is vulnerable to privilege escalation due to insufficient input validation, allowing subscriber users and above to escalate their privileges...

7.6AI score0.00553EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.24 views

Easy Digital Downloads < 3.2.6 - Contributor+ Stored XSS

Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

6.5CVSS6.1AI score0.00328EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.24 views

ARI Stream Quiz < 1.3.1 - Authenticated (Contributor+) PHP Object Injection

Description The ARI Stream Quiz – WordPress Quizzes Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with contributor access or higher to injec...

9.9CVSS7.4AI score0.00627EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.24 views

Quiz And Survey Master < 8.1.17 - Unauthenticated Unauthorised Action

Description The plugin is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on one of its functions allowing unauthenticated attackers to invoke this function...

7.1AI score0.00313EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.24 views

RegistrationMagic Plugin < 5.2.4.6 - Authenticated(Administrator+) SQL Injection

Description The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to SQL Injection via an unknown parameter in all versions up to and including 5.2.4.5 due to insufficient escaping on the user supplied parameter and lack o...

7.6CVSS7.5AI score0.00529EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/03 12:0 a.m.24 views

Biteship for WooCommerce < 2.2.25 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape the biteshiperror and biteshipmessage parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open one of the URLs...

6.1CVSS5.8AI score0.0037EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/03 12:0 a.m.24 views

MC4WP < 4.9.10 - Unauthenticated Unpublished Form Preview

Description The plugin is vulnerable to unauthorized access of data due to a missing capability check on the 'listen' function, allowing unauthenticated attackers to preview unpublished forms...

7AI score0.0042EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/03 12:0 a.m.24 views

WP Compress < 6.10.34 - Unauthenticated Arbitrary File Read

Description The plugin is vulnerable to Directory Traversal via the css parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...

9.1CVSS6.7AI score0.0087EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/23 12:0 a.m.24 views

CSS & JavaScript Toolbox < 11.9 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.5AI score0.00328EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/19 12:0 a.m.24 views

Slick Social Share Buttons <= 2.4.11 - Authenticated (Subscriber+) Arbitrary Option Update

Description The Slick Social Share Buttons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'dcssbajaxupdate' function in versions up to, and including, 2.4.11. This makes it possible for authenticated attackers, with subscriber-leve...

8.8CVSS6.1AI score0.00487EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/15 12:0 a.m.24 views

Essential Real Estate < 4.4.0 - Subscriber+ Arbitrary File Upload

Description The plugin does not properly validate uploaded files via the ajaxUploadFonts function, allowing any authenticated users, such as subscriber to upload arbitrary files...

8.8CVSS6.9AI score0.01265EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/13 12:0 a.m.24 views

Export and Import Users and Customers < 2.4.9 - Shop Manager+ Arbitrary File Upload

Description The plugin does not properly check uploaded files via the uploadimportfile function, allowing users with the Shop Manager role and above to upload arbitrary files...

7.2CVSS6.9AI score0.01366EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.24 views

Advanced Page Visit Counter <= 8.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Advanced Page Visit Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 8.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and...

6.5CVSS5.7AI score0.00368EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/10 12:0 a.m.24 views

BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter <= 1.49.3 - Cross-Site Request Forgery

Description The BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.49.3. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for...

8.8CVSS6.6AI score0.00321EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/12/08 12:0 a.m.24 views

GDPR Cookie Consent by Supsystic <= 2.1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The GDPR Cookie Consent by Supsystic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.9CVSS5.9AI score0.00386EPSS
Exploits0References1
Total number of security vulnerabilities5000