Lucene search
K
WpvulndbMost viewed

14603 matches found

WPVulnDB
WPVulnDB
added 2023/05/23 12:0 a.m.23 views

Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Ultimate Dashboard - Settings -...

4.8CVSS4.9AI score0.0047EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/12 12:0 a.m.23 views

Download Manager < 3.2.71 - Contributor+ Stored Cross-Site Scripting

The plugin does not properly sanitize and escape user-supplied attributes in 'wpdmmembers', 'wpdmloginform', and 'wpdmregform' shortcodes, leading to Stored Cross-Site Scripting vulnerabilities...

6.4CVSS5.9AI score0.00646EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/11 12:0 a.m.23 views

WoodMart < 7.2.2 - Subscriber+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as subscriber to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.9AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/09 12:0 a.m.23 views

VK Blocks < 1.54.0 - Multiple Stored XSS

The plugins do not sanitise and escape some parameters, which could lead to Stored Cross-Site Scripting issues...

5.4CVSS5.9AI score0.00613EPSS
Exploits0References1Affected Software2
WPVulnDB
WPVulnDB
added 2023/05/08 12:0 a.m.23 views

HollerBox < 2.1.4 - Admin+ SQL Injection

The plugin concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's database. PoC 1. Login as admin 2. Make sure HollerBox is installed and...

4.9CVSS9AI score0.00752EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/24 12:0 a.m.23 views

0mk Shortener <= 0.2 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.9AI score0.00394EPSS
Exploits0
WPVulnDB
WPVulnDB
added 2023/04/24 12:0 a.m.23 views

Side Cart Woocommerce < 2.2 - Settings Reset via CSRF

The plugin does not have CSRF check when reseting its Settings, which could allow attackers to make logged in admins perform such action via a CSRF attack PoC Make a logged in admin open https://example.com/wp-admin/admin.php?page=side-cart-woocommerce-settings=yes...

8.8CVSS6.2AI score0.00273EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.23 views

KIWIZ Invoices Certification & PDF System <= 2.1.3 - Unauthenticated Arbitrary File Download

The plugin does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization assuming they can upload a file on the server PoC To download ../../../../wp-config.php:...

7.5CVSS9.1AI score0.00866EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/14 12:0 a.m.23 views

Motor Racing League <= 1.9.9 - Admin+ XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.5AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/06 12:0 a.m.23 views

WP Fatest Cache < 1.1.3 - Multiple CSRF

The plugin does not have CSRF checks in various functions, which could allow attackers to make logged in admins perform unwanted actions such as update CDN/Cache settings via CSRF attacks...

4.3CVSS5.3AI score0.00227EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/05 12:0 a.m.23 views

YourChannel < 1.2.5 - Multiple CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in admins to reset and change the plugin's quick language translation, general and channel settings via CSRF attacks...

5.4CVSS6.8AI score0.00302EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/04/03 12:0 a.m.23 views

Ajax Search Lite Pro < 4.26.2 - Multiple Reflected Cross-Site Scripting

The plugin does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the code below...

6.1CVSS6.3AI score0.00458EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/03/28 12:0 a.m.23 views

Easy Media Replace < 0.2.0 - Author+ File Deletion

The plugin does not validate path of files to be deleted, which could allow users with a role of Author and above to delete files with an allowed extension...

6.7AI score0.00596EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/03/22 12:0 a.m.23 views

Waiting: One-click Countdowns <= 0.6.2 - Subscriber+ SQLi

The plugin does not properly sanitise and escape the pbcdownmetaid parameter before using it in a SQL statement via the pbcsavedowns AJAX action, leading to a SQL injection exploitable by any authenticated users, such as subscriber PoC Run the below command in the developer console of the web...

8.8CVSS9.1AI score0.00872EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/03/21 12:0 a.m.23 views

Drag and Drop Multiple File Upload PRO - Contact Form 7 Standard < 2.11.1 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admins. PoC Visit the following path on the site as an admin user:...

6.1CVSS5.7AI score0.00542EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2023/03/20 12:0 a.m.23 views

FluentForms < 4.3.25 - Contributor+ Stored XSS via Custom HTML Form Field

The plugin does not properly sanitize and escape the srcdoc attribute in iframes in it's custom HTML field type, allowing a logged in user with roles as low as contributor to inject arbitrary javascript into a form which will trigger for any visitor to the form or admins previewing or editing the...

5.4CVSS6AI score0.00478EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/03/13 12:0 a.m.23 views

Shopping Cart & eCommerce Store < 5.4.3 - Admin+ LFI

The plugin does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks. PoC 1. Login as Admin. 2. Go to wp-admin/admin.php?page=wp-easycart-products=products 3. Click on Import Products. Browse any file and click on import file. Intercept the...

7.2CVSS6.9AI score0.01084EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/03/13 12:0 a.m.23 views

Robo Gallery < 3.2.13 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00478EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/03/10 12:0 a.m.23 views

RapidLoad Power-Up for Autoptimize < 1.7.2 - Unauthorised AJAX Calls

The plugin does not have authorisation and CSRF checks in various AJAX actions such as deleting logs files etc, allowing them to be called by any authenticated users, such a subscriber or via CSRF attacks...

6.3CVSS6.7AI score0.01024EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/03/10 12:0 a.m.23 views

GiveWP < 2.25.2 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/03/08 12:0 a.m.23 views

HT Easy GA4 ( Google Analytics 4 ) < 1.0.7 - Plugin Activation via CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00273EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/28 12:0 a.m.23 views

WoodMart < 7.1.2 - License Update/Deactivation via CSRF

The theme does not have CSRF checks when updating and deactivating the license, which could allow attackers to make logged in admins perform such actions via CSRF attacks PoC To deactivate the license...

4.8AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/28 12:0 a.m.23 views

OAuth Single Sign On - SSO (OAuth Client) Free < 6.24.2 - IdP Deletion via CSRF

The plugin does not have CSRF checks when deleting Identity Providers IdP, which could allow attackers to make logged in admins delete arbitrary IdP via a CSRF attack PoC https://example.com/wp-admin/admin.php?page=mooauthsettings=config=delete=wordpress...

6.5CVSS6.6AI score0.00442EPSS
Exploits5Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/27 12:0 a.m.23 views

Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access

The plugin does not ensure that posts to be displayed via some shortcodes are already public and can be accessed by the user making the request, allowing any authenticated users such as subscriber to view draft, private or even password protected posts. It is also possible to leak the password of...

6.5CVSS6.7AI score0.00654EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/24 12:0 a.m.23 views

Feed Them Social <= 3.0.2 - Settings Update via CSRF

The plugin does not have CSRF check when updating its settings, which could allow attackers to make logged in admins perform such action via a CSRF attack...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/17 12:0 a.m.23 views

WP Coder < 2.5.4 - Admin+ SQLi

The plugin does not properly sanitise and escape the id parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.2CVSS7.1AI score0.00798EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/13 12:0 a.m.23 views

WordPress Social Login and Register < 7.6.1 - Unauthenticated Arbitrary Content Deletion

The plugin does not have authorisation in some AJAX actions, allowing unauthenticated users to call them and perform unauthorised actions, such as delete social profile data...

6.9AI score0.0073EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/02 12:0 a.m.23 views

Print Invoice & Delivery Notes for WooCommerce < 4.7.2 - Reflected XSS

The plugin is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the editothersshoporders capability. WooCommerce must be installed and active. This vulnerability is caused by a...

1.4AI score0.00516EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/02/02 12:0 a.m.23 views

Pinpoint Booking System < 2.9.9.2.9 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00509EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/27 12:0 a.m.23 views

Quick Restaurant Menu < 2.1.0 - Subscriber+ Arbitrary Post Deletion/Updating

The plugin does not ensure that the menu to be deleted/updated is actually a menu, and does not have authorisation in the related AJAX actions, which could allow any authenticated users, such as subscriber, to delete and update arbitrary posts...

7.6CVSS5.2AI score0.0065EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.23 views

Intuitive Custom Post Order < 3.1.4 - Subscriber+ Arbitrary Menu Order Update

The plugin does not check for authorization in the update-menu-order ajax action, allowing any logged in user with roles as low as Subscriber to update the menu order PoC Open the below HTML while being logged in as a subscriber...

4.3CVSS4.9AI score0.00486EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.23 views

Easy Affiliate Links < 3.7.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Exploit Additional CSS classes for "Easy...

6.8CVSS5AI score0.00699EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/24 12:0 a.m.23 views

Product Slider and Carousel with Category for WooCommerce < 2.8 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC wcpscwcpdtslider design='" onmouseover="alert1"'...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/17 12:0 a.m.23 views

Calculated Fields Form < 1.1.151 - Admin+ Stored Cross-Site Scripting via Dropdown Fields

The plugin does not sanitise and escape some of its form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup Partial fixes were implemented in versions...

3AI score0.00473EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/17 12:0 a.m.23 views

WP Visitor Statistics (Real Time Traffic) < 6.5 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC Exploit shortcode: wsmshowDayStatBox id='" onclick="javascript:alert1'...

5.4CVSS5AI score0.00477EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/17 12:0 a.m.23 views

WP FullCalendar < 1.5 - Unauthenticated Arbitrary Post Access

The plugin does not ensure that the post retrieved via an AJAX action is public and can be accessed by the user making the request, allowing unauthenticated attackers to get the content of arbitrary posts, including draft/private as well as password-protected ones. PoC Open the below URL as an...

5.3CVSS2AI score0.00694EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/17 12:0 a.m.23 views

OOPSpam Anti-Spam < 1.1.36 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/12 12:0 a.m.23 views

Giveaways and Contests by RafflePress < 1.11.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC rafflepress id='1' minheight="'; alert1...

5.4CVSS3.3AI score0.00573EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/11 12:0 a.m.23 views

WC Vendors Marketplace < 2.4.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wcvrecentproducts columns='1"...

5.4CVSS3.1AI score0.00685EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/11 12:0 a.m.23 views

Naver Map <= 1.1.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC naver-map y='" onmouseover="alert1"...

5.4CVSS2.6AI score0.0051EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/11 12:0 a.m.23 views

EAN for WooCommerce < 4.4.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC algwceanproductimage productid='1'...

5.4CVSS2.6AI score0.00573EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/01/03 12:0 a.m.23 views

Members Import <= 1.4.2 - XSS via Imported CSV

The plugin does not sanitise and escape imported CSV, which could allow attackers to perform Cross-Site Scripting attacks if they can make an admin import a malicious CSV file...

6.1CVSS4.2AI score0.00653EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2022/12/21 12:0 a.m.23 views

Click to Chat < 3.18.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS1.4AI score0.00534EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/12/12 12:0 a.m.23 views

Launchpad <= 1.0.13 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.5AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/12/06 12:0 a.m.23 views

WP Smart Import < 1.0.3 - Reflected Cross-Ste Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

6.1CVSS0.9AI score0.00406EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/12/05 12:0 a.m.23 views

Loginizer < 1.7.6 - Unauthenticated Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, allowing unauthenticated attackers to send a request with XSS payloads, which will be triggered when a high privilege users such as admin visits a page from the plugin...

3.8AI score0.00435EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/11/30 12:0 a.m.23 views

Sliderby10Web < 1.2.53 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to "Slider » Sliders" and edit one of...

4.8CVSS1.1AI score0.00532EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/11/22 12:0 a.m.23 views

Flowplayer Video Player < 1.0.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks PoC As a contributor, put, the following shortcode in a page/post flowplayer...

5.4CVSS2.5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/11/16 12:0 a.m.23 views

Image Hover Effects < 5.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC Go to the plugin settings Image Hover Effects...

4.8CVSS0.6AI score0.00532EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/11/14 12:0 a.m.23 views

Follow Me Plugin <= 3.1.1 - Stored XSS via CSRF

The plugin does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

8.8CVSS4.2AI score0.00552EPSS
Exploits1Affected Software1
Total number of security vulnerabilities5000