Lucene search
K
WpvulndbMost viewed

14603 matches found

WPVulnDB
WPVulnDB
•added 2024/01/03 12:0 a.m.•21 views

PageLayer < 1.7.9 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the 'pagelayerheadercode', 'pagelayerbodyopencode', and 'pagelayerfootercode' meta fields due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

5.4CVSS5.8AI score0.00427EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2024/01/01 12:0 a.m.•21 views

Solid Security Basic < 9.0.1 - Unauthenticated Login Page Disclosure

Description The plugin is vulnerable to protection mechanism bypass due to disclosing the login path when comments are enabled and registration is required. This makes it possible for unauthenticated attackers to discover the login page path and bypass the intended functionality of the security...

7.2AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/29 12:0 a.m.•21 views

Mail logging - WP Mail Catcher < 2.1.4 - Admin+ SQLi

Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.6CVSS7.7AI score0.00534EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/25 12:0 a.m.•21 views

Estatik Real Estate Plugin < 4.1.1 - Subscriber+ Arbitrary Option Update

Description The plugin does not prevent user with low privileges on the site, like subscribers, from setting any of the site's options to 1, which could be used to break sites and lead to DoS when certain options are reset PoC Run the below command in the developer console of the web browser whil...

6.5CVSS6.6AI score0.0061EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/25 12:0 a.m.•21 views

Estatik Real Estate Plugin < 4.1.1 - Unauthenticated PHP Object Injection

Description The plugin unserializes user input via some of its cookies, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget chain is present on the blog PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup...

9.8CVSS7.2AI score0.00926EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/22 12:0 a.m.•21 views

Backup Migration 1.0.8 - 1.3.9 - Remote File Inclusion via content-dir

Description The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful...

9.8CVSS7.6AI score0.06419EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/19 12:0 a.m.•21 views

WP Shortcodes Plugin — Shortcodes Ultimate < 7.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subutton', 'sumembers', and 'sutabs' shortcodes in all versions up to, and including, 7.0.0 due to insufficient input sanitization and output escaping on...

5.4CVSS5.7AI score0.00473EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/09 12:0 a.m.•21 views

WappPress < 6.0.0 - Unauthenticated Arbitrary File Upload

Description The plugin is vulnerable to arbitrary file uploads due to missing file type validation, allowing unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible...

10CVSS9.9AI score0.0063EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/08 12:0 a.m.•21 views

LadiApp <= 4.4 - Missing Authorization

Description The plugin is vulnerable to unauthorized access of data, modification of data, or loss of data due to a missing capability check on an unknown function This makes it possible for authenticated attackers, with subscriber-level access and above, to make use of the unprotected...

9.1AI score0.00463EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/12/07 12:0 a.m.•21 views

NextScripts < 4.4.3 - Reflected Cross-Site Scripting via code

Description The NextScripts plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘code’ parameter in versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary we...

7.1CVSS6.1AI score0.00407EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/07 12:0 a.m.•21 views

Antispam Bee < 2.11.4 - IP Address Spoofing via get_client_ip

Description The Antispam Bee plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 2.11.3 due to use of user-supplied HTTP headers as a primary method for IP retrieval. This makes it possible for unauthenticated attackers to bypass country blocking...

6.5AI score0.00372EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/07 12:0 a.m.•21 views

Ocean Extra < 2.2.3 - Cross-Site Request Forgery to Arbitrary Plugin Activation

Description The Ocean Extra plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.2. This is due to missing or incorrect nonce validation on the ajaxrequiredpluginsactivate function. This makes it possible for unauthenticated attackers to...

8.8CVSS6.2AI score0.00286EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/12/02 12:0 a.m.•21 views

Campaign Monitor for WordPress < 2.8.14 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.4AI score0.00412EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/29 12:0 a.m.•21 views

ChatBot < 4.7.9 - Authenticated (Administrator+) SQL Injection

Description The AI ChatBot plugin for WordPress is vulnerable to SQL Injection via the orderby parameter in all versions up to, and including, 4.7.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.6CVSS7.7AI score0.00725EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/28 12:0 a.m.•21 views

BSK Forms Blacklist < 3.7 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. In the plugin settings ex:...

4.8CVSS7.2AI score0.00379EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/24 12:0 a.m.•21 views

wpDiscuz < 7.6.6 - Unauthenticated SQL Injection

Description The wpDiscuz plugin for WordPress is vulnerable to SQL Injection via the 'visibleCommentIds' parameter in versions up to, and including, 7.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possib...

7.8AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/24 12:0 a.m.•21 views

wpDiscuz < 7.6.12 - Cross-Site Request Forgery

Description The wpDiscuz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 7.6.11. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to dismiss admin notices via a...

8.8CVSS6.4AI score0.00261EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/24 12:0 a.m.•21 views

WPvivid Backup Plugin < 0.9.91 - Missing Authorization via 'start_staging' and 'get_staging_progress'

Description The WPvivid Backup Plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'startstaging' and 'getstagingprogress' functions in versions up to, and including, 0.9.90. This makes it possible for authenticated...

6.2AI score0.00576EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

Sponsors <= 3.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Sponsors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sponsors' shortcode in all versions up to, and including, 3.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.00544EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

WCP OpenWeather <= 2.5.0 - Cross-Site Request Forgery

Description The WCP OpenWeather plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.0. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unknown...

8.8CVSS6.8AI score0.00261EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

UserPro < 5.1.1 - Cross-Site Request Forgery to PHP Object Injection

Description The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.1.0. This is due to missing or incorrect nonce validation on the 'importsettings' function. This makes it possible for unauthenticated attackers to exploit PHP Object...

8.8CVSS7.1AI score0.0027EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

Inactive Logout < 3.2.3 - Missing Authorization

Description The Inactive Logout plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the inaresetadvsettings function in versions up to, and including, 3.2.2. This makes it possible for authenticated attackers, with subscriber-level access a...

6.7AI score0.00485EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

LuckyWP Scripts Control <= 1.2.1 - Missing Authorization

Description The LuckyWP Scripts Control plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform...

6.7AI score0.00249EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

Themify Ultra < 7.3.6 - Authenticated (Subscriber+) Arbitrary File Upload

Description The themify-ultra theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in during a file upload in all versions up to, and including, 7.3.3. This makes it possible for authenticated attackers with subscriber access or higher to upload arbitrar...

9.9CVSS8.8AI score0.00584EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

Podlove Web Player <= 5.7.3 - Missing Authorization

Description The Podlove Web Player plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on an unknown function in versions up to, and including, 5.7.3. This makes it possible for unauthenticated attackers to perform an unauthorized action...

8.5AI score
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

10Web Map Builder for Google Maps < 1.0.74 - Missing Authorization to Notice Dismissal

Description The 10Web Map Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gmwdbpinstallnoticestatus function in versions up to, and including, 1.0.73. This makes it possible for authenticated attackers, with subscriber-level...

6.7AI score0.0029EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

DoLogin Security <= 3.7.1 - Missing Authorization via REST Endpoints

Description The DoLogin Security plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple REST functions in versions up to, and including, 3.7.1. This makes it possible for unauthenticated attackers to send test SMS messages to arbitrar...

9.5AI score0.00378EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

Neon text < 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontextbox shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes color. This makes it possible for...

6.4CVSS5.9AI score0.00524EPSS
Exploits4References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

FV Flowplayer Video Player < 7.5.39.7212 - Insufficient Input Validation to Unauthenticated Stored Cross-Site Scripting and Arbitrary Usermeta Update

Description The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘fvplayeruservideo’ parameter saved via the 'save' function hooked via init, and the plugin is also vulnerable to Arbitrary Usermeta Update via the 'save' function in versions up t...

6.1CVSS6.2AI score0.00471EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

WooCommerce Bookings < 2.0.4 - Cross-Site Request Forgery

Description The WooCommerce Bookings plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.3. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to invoke this function...

8.8CVSS6.7AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/23 12:0 a.m.•21 views

Custom Header Images <= 1.2.1 - Cross-Site Request Forgery

Description The Custom Header Images plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unknow...

8.8CVSS6.5AI score0.00254EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/11/16 12:0 a.m.•21 views

Elementor Addon Elements < 1.12.8 - Settings Update via CSRF

Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

5.4CVSS9.4AI score0.00298EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/14 12:0 a.m.•21 views

Advanced Page Visit Counter < 8.0.1 - Contributor+ SQLi

Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by Contributor and above users...

9.8CVSS7.7AI score0.0055EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/10 12:0 a.m.•21 views

Welcart e-Commerce < 2.9.5 - Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open the URL below:...

6.1CVSS6.3AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/07 12:0 a.m.•21 views

Kadence WooCommerce Email Designer < 1.5.12 - CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.5AI score0.00234EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/06 12:0 a.m.•21 views

Bookly < 22.5 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. As an admin user, visit the...

4.8CVSS4.8AI score0.00451EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/11/03 12:0 a.m.•21 views

Simple Shortcodes <= 1.0.20 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not sufficiently sanitize input or escape output on user-supplied attributes, resulting in a potential for Stored Cross-Site Scripting via shortcodes. This flaw makes it possible for users with contributor-level permissions or higher to inject arbitrary web scripts int...

6.4CVSS5.6AI score0.0064EPSS
Exploits1References1
WPVulnDB
WPVulnDB
•added 2023/10/27 12:0 a.m.•21 views

WP Full Stripe Free <= 1.6.1 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.00316EPSS
Exploits0References2
WPVulnDB
WPVulnDB
•added 2023/10/27 12:0 a.m.•21 views

Add Custom Body Class <= 1.4.1 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not properly escape the addcustombodyclass parameter before outputting it to the page, allowing users with the role of contributor of higher to inject arbitrary web scripts potentially targeting higher privileged users...

6.4CVSS6.4AI score0.00312EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/10/26 12:0 a.m.•21 views

Scroll post excerpt <= 8.0 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.00418EPSS
Exploits0References2
WPVulnDB
WPVulnDB
•added 2023/10/20 12:0 a.m.•21 views

Photospace Responsive < 2.1.2 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.5AI score0.00403EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/10/20 12:0 a.m.•21 views

Website Builder by SeedProd < 6.15.15.3 - Arbitrary Settings Update via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

4.3CVSS6.5AI score0.0028EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/10/18 12:0 a.m.•21 views

Hitsteps Web Analytics < 5.87 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS6AI score0.00316EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/10/17 12:0 a.m.•21 views

Hotjar < 1.0.16 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.5CVSS5.5AI score0.00497EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/10/17 12:0 a.m.•21 views

AGP Font Awesome Collection <= 3.2.4 - Arbitrary Settings Update via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.5AI score0.00214EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/10/17 12:0 a.m.•21 views

MailChimp Forms by MailMunch < 3.1.5 - Arbitrary Actions via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.5AI score0.00214EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/10/16 12:0 a.m.•21 views

Eupago Gateway For Woocommerce < 3.1.10 - CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.5AI score0.00254EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/10/16 12:0 a.m.•21 views

User Registration < 3.0.4.2 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Install and activate this...

4.8CVSS4.9AI score0.00562EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/10/13 12:0 a.m.•21 views

WP 6.3-6.3.1 - Contributor+ Stored XSS via Footnotes Block

Description WordPress does not escape some of its Footnotes block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.1AI score
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/10/10 12:0 a.m.•21 views

AWP Classifieds < 4.3.1 - Categories Mgt via CSRF

Description The plugin does not have CSRF checks when managing categories such as deleting, updating etc, which could allow attackers to make logged in admins perform such actions via CSRF attacks...

8.8CVSS6.5AI score0.00208EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000