Lucene search
K
WpvulndbMost viewed

14603 matches found

WPVulnDB
WPVulnDB
added 2022/08/19 12:0 a.m.21 views

Craw Data <= 1.0.0 - Server Side Request Forgery

The plugin does not implement nonce checks, which could allow attackers to make a logged in admin change the url value performing unwanted crawls on third-party sites SSRF. PoC When configuring the CrawData addon, the request is as follows GET...

4.3CVSS1.8AI score0.00552EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/08/11 12:0 a.m.21 views

Uploading SVG, WEBP and ICO files <= 1.0.1 - Author+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters which could allow users with a role as low as author to perform Stored Cross-Site Scripting attacks...

5.4CVSS2.5AI score0.00445EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/08/04 12:0 a.m.21 views

Sensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure via Rest API

The plugin does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers PoC https://example.com/wp-json/wp/v2/sensei-messages/...

5.3CVSS2.2AI score0.01868EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/08/01 12:0 a.m.21 views

WP Sticky Button < 1.4.1 - Unauthenticated Arbitrary Settings Update to Stored XSS

The plugin does not have authorisation and CSRF checks when saving its settings, allowing unauthenticated users to update them. Furthermore, due to the lack of escaping in some of them, it could lead to Stored Cross-Site Scripting issues PoC fetch"/wp-admin/admin-ajax.php", "headers":...

5.4CVSS2.8AI score0.00302EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/08/01 12:0 a.m.21 views

WP Edit Menu < 1.5.0 - Unauthenticated Arbitrary Post Deletion

The plugin does not have authorisation and CSRF in an AJAX action, which could allow unauthenticated attackers to delete arbitrary posts/pages from the blog PoC https://example.com/wp-admin/admin-ajax.php?action=filtermenu=post-id...

4.3CVSS2.7AI score0.00336EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/08/01 12:0 a.m.21 views

Multiple Plugins from Puvox.software - Reflected Cross-Site Scripting

The plugins do not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting PoC https://example.com/wp-admin/admin.php?page=wp-phpmyadmin-extension=errors-logreset"...

0.2AI score
Exploits0Affected Software19
WPVulnDB
WPVulnDB
added 2022/07/28 12:0 a.m.21 views

VR Calendar <= 2.3.4 - Admin+ LFI

The plugin does not validate user input before using it in a require statement, which could allow high privilege users to perform LFI attacks. The attack could also be performed via a CSRF vector by making a logged in admin open a malicious link PoC...

3.8AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/07/27 12:0 a.m.21 views

GS Testimonial Slider <= 1.9.1 - Author+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as author to perform Stored Cross-Site Scripting attacks...

4.8CVSS4AI score0.00463EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/07/26 12:0 a.m.21 views

Simple Banner < 2.12.0 - Admin+ Stored Cross Site Scripting

The plugin does not properly sanitize its "Simple Banner Text" Settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC Put the following payloads in the "Simple Banner Text" settings of the plugin: Firefox...

4.8CVSS1.4AI score0.00444EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2022/07/18 12:0 a.m.21 views

WP DS Blog Map <= 3.1.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the following payload in any of the settings...

4.8CVSS1AI score0.00493EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/07/08 12:0 a.m.21 views

Counter Box < 1.2.1 - Arbitrary Counter Activation/Deactivation via CSRF

The plugin is lacking CSRF check when activating and deactivating counters, which could allow attackers to make a logged in admin perform such actions via CSRF attacks PoC https://example.com/wp-admin/admin.php?page=counter-box=1=activate...

8.8CVSS4AI score0.00451EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/07/07 12:0 a.m.21 views

Microsoft Advertising Universal Event Tracking < 1.0.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Due to the nature of this plugin, well crafted XSS can also leak into the frontpage. PoC Put the followi...

4.8CVSS1.6AI score0.01089EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/07/04 12:0 a.m.21 views

Popup Anything < 2.1.7 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in a frontend page, leading to a Reflected Cross-Site Scripting PoC On a post/page where the paocdetails display="keyxxx" shortcode is embed, append the following payload: ?xxx=11111%3Cscript%3Ealert/XSS/%3C/script%3E...

6.1CVSS6.2AI score0.0055EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/07/04 12:0 a.m.21 views

Name Directory < 1.25.4 - Stored Cross-Site Scripting via CSRF

The plugin does not have CSRF check when importing names, and is also lacking sanitisation as well as escaping in some of the imported data, which could allow attackers to make a logged in admin import arbitrary names with XSS payloads in them. PoC As admin, Import the following CSV...

6.1CVSS3.7AI score0.00284EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/30 12:0 a.m.21 views

Popup Builder < 4.1.12 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

5.4CVSS4.3AI score0.0043EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/27 12:0 a.m.21 views

Simple Page Transition <= 1.4.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the following payload in the "Ignored Download...

4.8CVSS1.4AI score0.00608EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/20 12:0 a.m.21 views

WP Event Manager < 3.1.28 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape its search before outputting it back in an attribute on the event dashboard, leading to a Reflected Cross-Site Scripting PoC Against any authenticated user: https://example.com/event-dashboard/?searchkeywords=aaaa"...

6.1CVSS6.1AI score0.00796EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/20 12:0 a.m.21 views

Popup Builder < 4.1.11 - Admin+ Stored Cross-Site Scripting

The plugin does not escape and sanitize some settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltredhtml is disallowed PoC Create/edit a subscription, enabled the GDPR options in it and add the following payload in the "confirmation text"...

4.8CVSS1.2AI score0.00552EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/16 12:0 a.m.21 views

FoxyShop < 4.8.2 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting PoC https://example.com/wp-admin/edit.php?posttype=foxyshopproduct=foxyshoptools=error=...

6.1CVSS6.2AI score0.00739EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/16 12:0 a.m.21 views

Pricing Deals for WooCommerce < 2.0.3 - Unauthenticated SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection PoC...

9.8CVSS1.7AI score0.07942EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/15 12:0 a.m.21 views

Sharebar <= 1.4.1 - Arbitrary Settings Update to Stored XSS via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and also lead to Stored Cross-Site Scripting issue due to the lack of sanitisation and escaping in some of them PoC...

5.4CVSS4.2AI score0.00292EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/14 12:0 a.m.21 views

XO Slider < 3.3.3 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its Slider fields, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS3AI score0.00494EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/08 12:0 a.m.21 views

API KEY for Google Maps < 1.2.2 - Arbitrary API Key Update via CSRF

The plugin does not have CSRF in place when updating the API key, allowing attackers to make a logged in admin perform such action via a CSRF attack...

5.4CVSS5.5AI score0.00415EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.21 views

WordPress Security < 4.2.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup PoC Put the following payload in the...

4.8CVSS0.1AI score0.00548EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.21 views

Limit Login Attempts < 4.0.72 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup PoC Put the following payload in the...

4.8CVSS4.9AI score0.00848EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/06/02 12:0 a.m.21 views

HTML2WP <= 1.0.0 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them PoC...

4.3CVSS4.9AI score0.00412EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/30 12:0 a.m.21 views

PDF24 Article To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC .pdf24Plugin-cp border:1px solid silver; .pdf24Plugin-cp inputtype="text" width:200px; border:1px solid silver; margin:0; padding:2px;...

6.5CVSS2.2AI score0.00513EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/30 12:0 a.m.21 views

PDF24 Articles To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack PoC .pdf24Plugin-cp border:1px solid silver; .pdf24Plugin-cp inputtype="text" width:200px; border:1px solid silver; margin:0; padding:2px;...

6.5CVSS2.2AI score0.00513EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/30 12:0 a.m.21 views

Print, PDF, Email by PrintFriendly < 5.2.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC In the plugin's settings, tick 'Custom Button' and put the following...

4.8CVSS1AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/30 12:0 a.m.21 views

WP-Email < 2.69.0 - Anti-Spam Protection Bypass via IP Spoofing

The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based anti-spamming restrictions. PoC Set HTTPCLIENTIP, HTTPXFORWARDEDFOR or any of the other headers used in getipaddress. curl...

7.5CVSS1.9AI score0.01131EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/26 12:0 a.m.21 views

Hotel Booking <= 3.0 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS2.6AI score0.00494EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/24 12:0 a.m.21 views

WP Statistic < 13.2.2 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitise and escape some of its settings, which could allow a high privilege users to perform Stored Cross-Site Scripting attacks when unfiltredhtml is disallowed...

6.1CVSS2.7AI score0.00969EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/23 12:0 a.m.21 views

Appointment Hour Booking < 1.3.56 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape a settings of its Calendar fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed. PoC Create/edit a calendar, and put the following payload in the "Additional CSS Class" settings of...

4.8CVSS0.9AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/18 12:0 a.m.21 views

MailerLite < 1.5.4 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting PoC The first digit of the ID must be an existing form ID...

6.1CVSS0.4AI score0.00815EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/18 12:0 a.m.21 views

HC Custom WP-Admin URL <= 1.4 - Arbitrary Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL PoC...

4.3CVSS4.1AI score0.00412EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/18 12:0 a.m.21 views

JupiterX Core < 2.0.7 - Information Disclosure, Modification, and Denial of Service

Any logged in users, such as subscriber could view site configuration and logged-in users, modify post conditions, or perform a denial of service attack via the jupiterxconditionalmanager AJAX action which can be used to call any function in the includes/condition/class-condition-manager.php file...

7.5CVSS2.8AI score0.00819EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/09 12:0 a.m.21 views

Simple Real Estate Pack <= 1.4.8 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed PoC Put the following payload in the plugin's settings such as "Consumer Key": "...

4.8CVSS2.2AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/05/03 12:0 a.m.21 views

Content Mask < 1.8.4.1 - Subscriber+ Arbitrary Options Update

The plugin does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the plugin. As a result, any authenticated user, such as subscriber could modify arbitrary blog options PoC POST /wp-admin/admin-ajax.php...

4.3CVSS1.4AI score0.01052EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2022/04/28 12:0 a.m.21 views

Hermit <= 3.1.6 - Subscriber+ SQLi

The plugin does not sanitise and escape the ids parameter before using it in a SQL statement, leading to a SQL injection...

8.8CVSS1.6AI score0.00862EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/04/26 12:0 a.m.21 views

Tripetto < 5.2.0 - Unauthenticated Stored Cross-Site Scripting

The plugin does not validate uploaded attachment files, which could allow unauthenticated users to upload malicious SVG and lead to Cross-Site Scripting...

6.1CVSS3AI score0.00713EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/04/25 12:0 a.m.21 views

ShortPixel Adaptive Images < 3.4.0 - Subscriber+ Arbitrary Settings Update

The plugin does not have any authorisation when updating its settings via an AJAX action, allowing any authenticated users, such as subscriber to change them...

4.3CVSS5.2AI score0.00595EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/04/25 12:0 a.m.21 views

ScrollReveal.js Effects <= 1.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed PoC Put the following payload in any of the plugin's settings such as Opacity: "...

4.8CVSS2.3AI score0.00648EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/04/19 12:0 a.m.21 views

th23 Social <= 1.2.0 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in the plugin's settings...

4.8CVSS2.9AI score0.00565EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/04/13 12:0 a.m.21 views

Easily Generate Rest API Url <= 1.0.0 - Admin+ Stored Cross-Site Scripting

The plugin does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in the "Post Per Page" or "Enter Search Text": settings of the plugin: "autofocu...

4.8CVSS2AI score0.00577EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/04/11 12:0 a.m.21 views

Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update

The plugin does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the userscanregister and defaultrole,...

8.8CVSS2.8AI score0.13329EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/04/04 12:0 a.m.21 views

Testimonial Slider <= 3.5.8.3 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its slider settings, such as mpsppostsbgcolor, mpsppostsdescriptioncolor, mpspslidenavbuttoncolor which could allow users with the editpost capability contributor and above to perform Cross-Site Scripting attacks...

5.4CVSS3.9AI score0.00544EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2022/03/29 12:0 a.m.21 views

Users Ultra <= 3.1.0 - Unauthenticated SQL Injection

The plugin fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL Injection. PoC curl...

9.8CVSS2.5AI score0.08415EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2022/03/22 12:0 a.m.21 views

Loco Translate < 2.6.1 - Authenticated Stored Cross-Site Scripting

The plugin does not properly remove inline events from elements in the source translation strings before outputting them in the editor in the plugin admin panel, allowing any user with access to the plugin Translator and Administrator by default to add arbitrary javascript payloads to the source...

5.4CVSS0.8AI score0.03932EPSS
Exploits4Affected Software1
WPVulnDB
WPVulnDB
added 2022/03/22 12:0 a.m.21 views

WP Downgrade < 1.2.3 - Admin+ Stored Cross-Site Scripting

The plugin only perform client side validation of its "WordPress Target Version" settings, but does not sanitise and escape it server side, allowing high privilege users such as admin to perform Cross-Site attacks even when the unfilteredhtml capability is disallowed PoC Access the settings of th...

4.8CVSS2.4AI score0.04782EPSS
Exploits4References1Affected Software1
WPVulnDB
WPVulnDB
added 2022/03/21 12:0 a.m.21 views

Easy Social Icons < 3.2.1 - Admin+ Stored Cross-Site Scripting in add icon

The plugin does not properly escape the imagefile field when adding a new social icon, allowing high privileged users to inject arbitrary javascript even when the unfilteredhtml capability is disallowed. Version 3.2.0 adressed some of the issues, but was still vulnerable when clicking to edit the...

4.8CVSS2.2AI score0.00588EPSS
Exploits2Affected Software1
Total number of security vulnerabilities5000