Lucene search
K
WpvulndbMost viewed

14603 matches found

WPVulnDB
WPVulnDB
•added 2022/07/26 12:0 a.m.•22 views

Simple Banner < 2.12.0 - Admin+ Stored Cross Site Scripting

The plugin does not properly sanitize its "Simple Banner Text" Settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Put the following payloads in the "Simple Banner Text" settings of the plugin: Firefox...

4.8CVSS1.4AI score0.00444EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/07/12 12:0 a.m.•22 views

GiveWP < 2.21.0 - Manager+ Arbitrary File Access via Export

The plugin does not validate the file to be exported, which could allow manager to read arbitrary file on the web server...

5.5CVSS3.3AI score0.00694EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2022/07/11 12:0 a.m.•22 views

GiveWP < 2.21.3 - DoS via CSRF

The plugin does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the database many times which leads to...

6.5CVSS3.8AI score0.00383EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/06/27 12:0 a.m.•22 views

Contact Form 7 Captcha < 0.1.2 - Reflected Cross-Site Scripting

The plugin does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers PoC https://example.com/wp-admin/options-general.php?page=cf7sredit&"...

6.1CVSS1AI score0.01277EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/06/23 12:0 a.m.•22 views

Loading Page with Loading Screen < 1.0.83 - Admin+ Stored Cross-Site Scripting

The plugin does not escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Go to Settings - Loading Page, in the "Display loading screen in" settings, select either "specific pages" or...

4.8CVSS1AI score0.00493EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/06/22 12:0 a.m.•22 views

Download Manager < 3.2.48 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape the 'Insert URL' field, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks. Note: The attempted fix made in 3.2.46 and 3.2.47 were found to be insufficient PoC As a contributor, create/edit a download an...

6.4CVSS5.4AI score0.00846EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/06/22 12:0 a.m.•22 views

Free Live Chat Support <= 1.0.12 - Stored Cross-Site Scripting via CSRF

The plugin does not have CSRF check in place when updating its settings and is lacking escaping as well as sanitisation in some of them, which could allow attackers to make a logged in admin change them and put XSS payloads in them via a CSRF attack...

8.8CVSS3.9AI score0.0053EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2022/06/21 12:0 a.m.•22 views

Very Simple Breadcrumb <= 1.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Put the following payload in the "Breadcrumb css class name" settings of the plugin: "...

4.8CVSS2.4AI score0.00493EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/06/21 12:0 a.m.•22 views

CDI < 5.1.9 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting PoC...

6.1CVSS0.2AI score0.01297EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/06/15 12:0 a.m.•22 views

Core Plugin for Kitestudio Themes < 2.3.1 - Reflected Cross-Site-Scripting

The plugin does not sanitise and escape some parameters before outputting them back in a response of an AJAX action, available to both unauthenticated and authenticated users when a premium theme from the vendor is active, leading to a Reflected Cross-Site Scripting. PoC Install and active the...

6.1CVSS0.7AI score0.00734EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/05/30 12:0 a.m.•22 views

Coming Soon and Maintenance by Colorlib < 1.0.99 - Admin+ Stored Cross Site Scripting

The plugin does not sanitize and escape some settings, allowing high privilege users such as admin to perform Stored Cross-Site Scripting when unfilteredhtml is disallowed for example in multisite setup PoC Put the following payload in the "Google Analytics" settings of the plugin in the General...

4.8CVSS1AI score0.0057EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/05/26 12:0 a.m.•22 views

Post Grid, Slider & Carousel Ultimate < 1.5.0 - Admin+ Stored XSS

The plugin does not sanitise and escape the Header Title, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Create a new Grid/Caroussel, in the General Settings, enable "Display Header Title" and put the...

4.8CVSS0.8AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/05/23 12:0 a.m.•22 views

Private Files <= 0.40 - Protection Disabling via CSRF

The plugin is missing CSRF check when disabling the protection, which could allow attackers to make a logged in admin perform such action via a CSRF attack and make the blog public PoC That will also delete the .htaccess...

4.3CVSS4.8AI score0.00412EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/05/18 12:0 a.m.•22 views

Latest Tweets Widget <= 1.1.4 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC...

6.5CVSS4.8AI score0.00513EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/05/13 12:0 a.m.•22 views

Donations <= 1.8 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting...

5.4CVSS2.5AI score0.00538EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2022/05/09 12:0 a.m.•22 views

Amazon Link <= 3.2.10 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed. PoC Put the following payload in settings such as the "AWS Public Key": "...

4.8CVSS2.9AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/05/09 12:0 a.m.•22 views

CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi

The plugin does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack PoC On a page where the codepeople-image-store is embed, append the...

9.8CVSS0.9AI score0.1036EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/05/02 12:0 a.m.•22 views

Breeze < 2.0.3 - Subscriber+ Arbitrary Settings Update to Stored XSS

The plugin is lacking authorisation, CSRF and sanitisation in its AJAX actions available to any authenticated users, which could allow any logged in user to change the plugin's settings and perform XSS attacks...

6.5CVSS4.7AI score0.00538EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2022/04/29 12:0 a.m.•22 views

Ultimate Member < 2.3.2 - Open Redirect

The plugin is vulnerable to open redirects due to insufficient validation on supplied URLs in the social fields of the Profile Page, which makes it possible for attackers to redirect unsuspecting victims...

5.4CVSS4.6AI score0.00707EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/04/18 12:0 a.m.•22 views

Ubigeo de Peru < 3.6.4 - Unauthenticated SQLi

The plugin does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections PoC curl https://example.com/wp-admin/admin-ajax.php \ --data...

9.8CVSS1.7AI score0.09495EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/04/15 12:0 a.m.•22 views

MicroPayments < 1.9.6 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF in place when updating its settings, which could allow attacker to make a logged in admin perform such action via a CSRF attack...

8.8CVSS4.5AI score0.00781EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/04/13 12:0 a.m.•22 views

Admin Menu Editor <= 1.0.4 - Reflected Cross-Site Scripting

The plugin does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. PoC https://example.com/wp-admin/options-general.php?page=admin-menu-restriction="...

6.1CVSS0.1AI score0.00773EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/04/11 12:0 a.m.•22 views

SiteSuperCharger < 5.2.0 - Unauthenticated SQLi

The plugin does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions available to both unauthenticated and authenticated users, leading to Unauthenticated SQL Injections PoC curl https://example.com/wp-admin/admin-ajax.php --data...

9.8CVSS2.1AI score0.01602EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/04/11 12:0 a.m.•22 views

Fast Flow < 1.2.11 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the page parameter before outputting back in an attribute in an admin dashboard, leading to a Reflected Cross-Site Scripting PoC...

6.1CVSS1.7AI score0.00876EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/04/11 12:0 a.m.•22 views

eRoom < 1.3.9 - Cache Deletion via CSRF

The plugin does not have CSRF check in place when deleting cache, which could allow attackers to make logged in users delete cache via a CSRF attack...

4.3CVSS4.8AI score0.00432EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2022/04/04 12:0 a.m.•22 views

Opensea < 1.0.3 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, like its "Referer address" field, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS2.9AI score0.00577EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/03/31 12:0 a.m.•22 views

ThirstyAffiliates < 3.10.5 - Subscriber+ unauthorized image upload + CSRF

The plugin lacks authorization checks in the tainsertexternalimage action, allowing a low-privilege user with a role as low as Subscriber to add an image from an external URL to an affiliate link. Further the plugin lacks csrf checks, allowing an attacker to trick a logged in user to perform the...

4.3CVSS4.4AI score0.00335EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/03/21 12:0 a.m.•22 views

Advanced Booking Calendar < 1.7.1 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the room parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue PoC...

6.1CVSS0.1AI score0.01618EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/03/07 12:0 a.m.•22 views

Title Experiments Free < 9.0.1 - Unauthenticated SQLi

The plugin does not sanitise and escape the id parameter before using it in a SQL statement via the wpextitles AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection PoC curl 'https://example.com/wp-admin/admin-ajax.php' --data 'action=wpextitles=1 AND SELECT...

9.8CVSS2.9AI score0.10079EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/02/16 12:0 a.m.•22 views

WP Voting Contest <= 2.1 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the postid parameter before outputting it back in the response via the wpvcsocialshareicons AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting issue PoC...

3AI score0.00783EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/02/16 12:0 a.m.•22 views

Powerkit < 2.5.9 - Post Views Settings Update/Reset via CSRF

The plugin does not have CSRF checks when saving or reseting its post views settings, which could allow an attacker to make a logged in admin change or reset them via a CSRF attack PoC...

1.3AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/02/03 12:0 a.m.•22 views

Yet Another Stars Rating < 3.0.0 - Reflected Cross-Site Scripting

The plugin does not sanitise the source parameter before outputting it back in the response via the yasrloadrankings AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting...

6.1CVSS3.2AI score0.00803EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/02/01 12:0 a.m.•22 views

Cost Calculator < 1.6 - Contributor+ Stored Cross-Site Scripting

The plugin allows users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks via the Description fields of a Cost Calculator Price Settings which gets injected on the edit page as well as any page that embeds the calculator using the shortcode, as well as the Text...

5.4CVSS1.4AI score0.00595EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/01/26 12:0 a.m.•22 views

WP Accessibility Helper (WAH) < 0.6.0.7 - Reflected Cross-Site Scripting (XSS)

The plugin does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue PoC https://example.com/?wahi=JzthbGVydCgxKTsvLw==...

6.1CVSS6AI score0.01718EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/01/19 12:0 a.m.•22 views

Shield Security < 13.0.6 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape admin notes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed. PoC Put the following payload as an Admin Note Shield Security Tools Admin Notes:...

4.8CVSS2.5AI score0.00588EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/01/17 12:0 a.m.•22 views

Permalink Manager < 2.2.15 - Reflected Cross-Site Scripting

The plugins do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue PoC https://example.com/index.php?p=%3Cimg%20src%20onerror=alert/XSS/%3Eurl=1...

6.1CVSS0.9AI score0.03368EPSS
Exploits2References1Affected Software2
WPVulnDB
WPVulnDB
•added 2022/01/14 12:0 a.m.•22 views

Download Monitor < 4.4.7 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting issues...

5.4CVSS2.9AI score0.00573EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2022/01/14 12:0 a.m.•22 views

Random Banner < 4.1.6 - Admin+ Stored Cross-Site Scripting

The plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the /include/models/model.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.4. This affects...

4.8CVSS4.5AI score0.04362EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/01/10 12:0 a.m.•22 views

Cluevo < 1.8.1 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape Course's module, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC On the Learning Management page /wp-admin/admin.php?page=cluevo-lms, click Add Course, then put the...

4.8CVSS2.1AI score0.00598EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2022/01/07 12:0 a.m.•22 views

Paid Memberships Pro < 2.6.7 - Unauthenticated Blind SQL Injection

The plugin does not escape the discountcode in one of its REST route available to unauthenticated users before using it in a SQL statement, leading to a SQL injection PoC https://example.com/?restroute=/pmpro/v1/checkoutlevelid=3code=%27%20%20union%20select%20sleep1%20--%20g...

9.8CVSS1AI score0.81828EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/01/06 12:0 a.m.•22 views

IP2Location Country Blocker < 2.26.5 - Subscriber+ Arbitrary Country Ban

The plugin does not have authorisation and CSRF checks in the ip2locationcountryblockersaverules AJAX action, allowing any authenticated users, such as subscriber to call it and block arbitrary country, or block all of them at once, preventing users from accessing the frontend. v2.26.5 added...

7.1CVSS1.7AI score0.00537EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2022/01/03 12:0 a.m.•22 views

NextScripts: Social Networks Auto-Poster < 4.3.25 - Arbitrary Post Deletion via CSRF

The plugin does not have CSRF check in place when deleting items, allowing attacker to make a logged in admin delete arbitrary posts via a CSRF attack PoC https://example.com/wp-admin/admin.php?page=nxssnap-reposter=1=delete...

6.5CVSS2AI score0.00531EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2021/12/27 12:0 a.m.•22 views

Code Snippets < 2.14.3 - Reflected Cross-Site Scripting

The plugin does not escape the snippets-safe-mode parameter before outputting it back in attributes, leading to a Reflected Cross-Site Scripting issue PoC...

6.1CVSS0.6AI score0.02268EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2021/12/23 12:0 a.m.•22 views

Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.25 - Reflected XSS

The plugin does not escape the sib-statistics-date parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue PoC...

6.1CVSS1.3AI score0.0081EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2021/12/08 12:0 a.m.•22 views

PublishPress Capabilities < 2.3.1 - Unauthenticated Arbitrary Options Update to Blog Compromise

The plugin does not have authorisation and CSRF checks when updating the plugin's settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a result, unauthenticated attackers could update arbitrary blog options, such as the default role and make any...

9.8CVSS0.7AI score0.06745EPSS
Exploits2References1Affected Software2
WPVulnDB
WPVulnDB
•added 2021/12/06 12:0 a.m.•22 views

Site Reviews < 5.17.3 - Unauthenticated Stored Cross-Site Scripting

The plugin does not sanitise and escape the site-reviews parameter of the glsraction AJAX action available to unauthenticated and any authenticated users, allowing them to perform Cross-Site Scripting attacks against logged in admins viewing the Tool dashboard of the plugin PoC...

6.1CVSS0.3AI score0.01314EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2021/12/06 12:0 a.m.•22 views

WooCommerce PDF Invoices & Packing Slips < 2.10.5 - Reflected Cross-Site Scripting

The plugin does not escape the tab and section parameters before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting in the admin dashboard PoC...

4.8CVSS1AI score0.01188EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
•added 2021/11/17 12:0 a.m.•22 views

Login/Signup Popup < 2.2 - Reflected Cross-Site Scripting

The plugin does not escape its tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting issue PoC https://example.com/wp-admin/admin.php?page=xoo-el-fields="...

6.1AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2021/11/15 12:0 a.m.•22 views

StopBadBots < 6.67 - Unauthenticated SQL Injection

The plugin does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection PoC GET / HTTP/1.1 User-Agent: Zongbot' where id = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'-- - Accept:...

9.8CVSS9.2AI score0.01575EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2021/11/15 12:0 a.m.•22 views

Modern Events Calendar Lite < 6.1.5 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape the currentmonthdivider parameter of its meclistloadmore AJAX call available to both unauthenticated and authenticated users before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue PoC...

6.1CVSS5.8AI score0.00795EPSS
Exploits2Affected Software1
Total number of security vulnerabilities5000