Lucene search
K
WpvulndbMost viewed

14602 matches found

WPVulnDB
WPVulnDB
added 2020/06/07 12:0 a.m.21 views

SportsPress < 2.7.2 - Authenticated Stored Cross-Site Scripting

Any user with the role of administrator or League Manager is able to store XSS payloads in the custom delimiter setting of events pages. This will then execute on all events pages on the website. PoC Video PoC: https://youtu.be/J8QZ8S6CiS8...

3.5CVSS5.3AI score0.00696EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2020/05/29 12:0 a.m.21 views

Blog2Social: Social Media Auto Post & Scheduler < 6.3.1 - Authenticated SQL Injection

SQL Injection in the Blog2Social plugin 6.3.0 for WordPress exists via Re-Share Posts feature. PoC Please refer to the video below for steps to reproduce and demonstration of automatic exploit with sqlmap. - Mega.nz: https://mega.nz/file/mt1gFYTKe3XkA-zY0cCApTYlLZktRZ4Q4vchVhbPsNqQC6CKORo -...

0.3AI score0.01505EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2020/05/28 12:0 a.m.21 views

Page Builder: PageLayer - Drag and Drop website builder < 1.1.2 - CSRF leading to XSS

A flaw allowed attackers to forge a request on behalf of a site’s administrator to modify the settings of the plugin which could allow for malicious Javascript injection. PoC...

6.8CVSS3.5AI score0.00773EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2020/05/11 12:0 a.m.21 views

Page Builder by SiteOrigin < 2.10.16 - CSRF to Reflected Cross-Site Scripting (XSS)

Flaws in the live editor and actionbuildercontent functions of the plugin "allow attackers to forge requests on behalf of a site administrator and execute malicious code in the administrator’s browser. The attacker needs to trick a site administrator into executing an action, like clicking a link...

6.8CVSS2.9AI score0.00809EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
added 2020/04/13 12:0 a.m.21 views

Media Library Assistant < 2.82 - Unauthenticated Limited Local File Inclusion

The Media Library Assistant plugin before 2.82 for WordPress suffers from a Local File Inclusion vulnerability in mlagallery link=download. PoC The LFI is restricted to the "wp-content" directory...

5CVSS2.3AI score0.04917EPSS
Exploits4References3Affected Software1
WPVulnDB
WPVulnDB
added 2020/03/31 12:0 a.m.21 views

Elementor Page Builder < 2.9.6 - Authenticated Safe Mode Privilege Escalation

The Elementor WordPress plugin could allow an authenticated user to enable Safe Mode. This could allow the user to then disable plugins, which could include security plugins, which would weaken the overall security of the site...

4CVSS3.2AI score0.00989EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2020/03/16 12:0 a.m.21 views

LearnPress < 3.2.6.7 - Privilege Escalation

Any authenticated user can change its role to an instructor/teacher and gain access to otherwise restricted data...

4CVSS4.1AI score0.01116EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2020/02/17 12:0 a.m.21 views

wpCentral < 1.5.1 - Improper Access Control to Privilege Escalation

The flaw allowed anybody to escalate their privileges to those of an administrator, as long as subscriber-level registration was enabled on a given WordPress site with the vulnerable plugin installed. PoC 1. Log in as Subscriber. 2. Scrape the page /wp-admin/index.php for the connection key. i.e...

9CVSS2.9AI score0.08173EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2020/01/16 12:0 a.m.21 views

WP Database Reset < 3.15 - Privilege Escalation

This flaw "allowed any authenticated user, even those with minimal permissions, the ability to grant their account administrative privileges while dropping all other users from the table with a simple request." PoC Login as a subscriber then send the following request:...

6.5CVSS3.7AI score0.02463EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2020/01/06 12:0 a.m.21 views

Ultimate FAQ < 1.8.30 - Unauthenticated Reflected XSS

The HTML code generated by the FAQ shortcode does not sanitise the DisplayFAQ GET parameter, leading to an unauthenticated reflected Cross-Site Scripting issue on pages where such shortcode is used. PoC Append the following payload on a page where a FAQ is embedded: ?DisplayFAQ=...

4.3CVSS0.6AI score0.02195EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2019/12/25 12:0 a.m.21 views

bbPress Login Register Links On Forum Topic Pages <= 2.7.5 - CSRF to Stored XSS

Lack of CSRF checks in the plugin's settings allow arbitrary change of the settings, which can also lead to stored XSS issues. PoC The payload below will result in a stored XSS in the 'Style Customize' page...

2.1AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2019/11/29 12:0 a.m.21 views

ListingPro < 2.0.14.5 - Reflected & Persistent Cross-Site Scripting

Reflected & Persistent XSS was discovered in the 'ListingPro - WordPress Directory Theme'. Current version is 2.0.14.2 August 9th 2019. Edit WPScanTeam: November 29th, 2019 - Envato Informed November 29th, 2019 - Envato Investigating December 4th, 2019 - v2.0.14.3 Released, fixing the reflected X...

4.3CVSS5.3AI score0.00934EPSS
Exploits4References1Affected Software1
WPVulnDB
WPVulnDB
added 2019/09/20 12:0 a.m.21 views

Motors Car Dealer & Classified Ads < 1.4.1 - Multiple Issues

- Unauthenticated plugin's settings import/export leading to stored XSS - Authenticated settings import - Unsanitised inputs - Authenticated options change...

6.4CVSS3.5AI score0.01364EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2019/08/07 12:0 a.m.21 views

Login Or Logout Menu Item <= 1.1.1 - Unauthenticated Options Change

The Login or Logout Menu Item WordPress plugin was affected by an Unauthenticated Options Change security vulnerability...

5.8CVSS2.7AI score0.01467EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2019/07/23 12:0 a.m.21 views

WPS Child Themes Generator <= 1.1 - Path Traversal

The WPS Child Theme Generator WordPress plugin was affected by a Path Traversal security vulnerability...

7.5CVSS2.6AI score0.03354EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2019/06/08 12:0 a.m.21 views

Breadcrumbs by menu <= 1.0.1 - Multiple Issues

XSS, CSRF leading to options update...

6.8CVSS1.5AI score0.0095EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2019/05/08 12:0 a.m.21 views

WPGraphQL <= 0.2.3 - Multiple Vulnerabilities

Without authorisation, weak access controls allow us to: Create administrative users Post comments on articles bypassing article restrictions and global moderation Retrieve content of password-protected posts/articles/pages Retrieve full list of registered users in the platform Retrieve full list...

7.5CVSS2.9AI score0.46614EPSS
Exploits5References3Affected Software1
WPVulnDB
WPVulnDB
added 2019/02/06 12:0 a.m.21 views

Forminator <= 1.5.4 - Authenticated Multiple Vulnerabilities

The Forminator – Contact Form, Payment Form & Custom Form Builder WordPress plugin was affected by an Authenticated Multiple Vulnerabilities security vulnerability...

4.3CVSS2.1AI score0.01574EPSS
Exploits2References2Affected Software1
WPVulnDB
WPVulnDB
added 2019/02/05 12:0 a.m.21 views

Contact Form Email <= 1.2.65 - Multiple Cross-Site Scripting (XSS) & CSRF

The Contact Form Email WordPress plugin was affected by a Multiple Cross-Site Scripting XSS & CSRF security vulnerability. PoC http://www.example.com/wp-admin/admin.php?page=cpcontactformtoemail=1=1='"...

6.8CVSS0.2AI score0.01389EPSS
Exploits2References2Affected Software1
WPVulnDB
WPVulnDB
added 2019/02/05 12:0 a.m.21 views

WP Google Maps <= 7.10.41 - Cross-Site Scripting (XSS)

The WP Google Maps WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.6AI score0.03028EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2019/01/25 12:0 a.m.21 views

Wise Chat <= 2.6.3 - Reverse Tabnabbing

The Wise Chat WordPress plugin was affected by a Reverse Tabnabbing security vulnerability...

5.8CVSS2.8AI score0.04924EPSS
Exploits5References2Affected Software1
WPVulnDB
WPVulnDB
added 2018/12/19 12:0 a.m.21 views

WP Ultimate Exporter < 1.4.2 - CSRF

The Export WordPress Data with Advanced Filters WordPress plugin was affected by a CSRF security vulnerability...

6.8CVSS3.2AI score0.00649EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2018/12/18 12:0 a.m.21 views

Google XML Sitemaps <= 4.0.9 - Authenticated Cross-Site Scripting (XSS)

According to the changelog: 4.1.0 2018-12-18 - Fixed security issue related to escaping external URLs - Fixed security issue related to option tags in forms...

3.5CVSS0.8AI score0.00678EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2018/12/07 12:0 a.m.21 views

WP Payeezy Pay < 2.98 - Local File Inclusion

The WP Payeezy Pay WordPress plugin was affected by a Local File Inclusion security vulnerability...

7.5CVSS1.9AI score0.07606EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2018/12/04 12:0 a.m.21 views

Arigato Autoresponder and Newsletter <= 2.5.1.8 - Authenticated Blind SQL Injection & Multiple XSS

The Arigato Autoresponder and Newsletter WordPress plugin was affected by an Authenticated Blind SQL Injection & Multiple XSS security vulnerability...

6.5CVSS2.5AI score0.04354EPSS
Exploits14References3Affected Software1
WPVulnDB
WPVulnDB
added 2018/11/29 12:0 a.m.21 views

LoginPress <= 1.1.13 - Unauthorized Blind SQL Injection

The Custom Login Page Customizer | LoginPress WordPress plugin was affected by an Unauthorized Blind SQL Injection security vulnerability...

7.5CVSS2.9AI score0.02212EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2018/11/14 12:0 a.m.21 views

Ninja Forms <= 3.3.17 - Unauthenticated Cross-Site Scripting (XSS)

According to the changelog: "Patched a redirect XSS vulnerability using code injection on our submissions page."...

4.3CVSS1.4AI score0.08903EPSS
Exploits5References1Affected Software1
WPVulnDB
WPVulnDB
added 2018/11/05 12:0 a.m.21 views

Media File Manager <= 1.4.2 - Authenticated Multiple Vulnerabilities

Following the PoC you can combine the vulnerabilities to obtain PHP code execution and read sensitive file. By default the File Manager can only be used by Administrator users, however, any user role can be configured to use it. PoC Diretory Trasversal: POST /wordpress/wp-admin/admin-ajax.php...

5CVSS0.12128EPSS
Exploits5References2Affected Software1
WPVulnDB
WPVulnDB
added 2018/10/11 12:0 a.m.21 views

WooCommerce <= 3.4.5 - Authenticated File Deletion to Privilege Escalation

Attackers in control of a user with the shop manager role can delete certain files on the server and then take over any victim account...

5.5CVSS5AI score0.01842EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2018/09/17 12:0 a.m.21 views

File Manager < 3.1 - CSRF to Stored Cross-Site Scripting

The plugin is lacking CSRF as well as sanitisation checks, allowing attackers to perform CSRF attacks against logged in administrators and set an XSS payload in the publicpath setting. PoC...

6.8CVSS3.3AI score0.01365EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
added 2018/07/10 12:0 a.m.21 views

All In One Favicon <= 4.6 - Multiple Stored Authenticated XSS

Authenticated Stored Cross-Site Scripting XSS in 8 parameters: backendApple-Text backendGIF-Text backendICO-Text backendPNG-Text frontendApple-Text frontendGIF-Text frontendICO-Text frontendPNG-Text PoC " "...

3.5CVSS2.6AI score0.02003EPSS
Exploits6References2Affected Software1
WPVulnDB
WPVulnDB
added 2018/06/20 12:0 a.m.21 views

Advanced Order Export For WooCommerce <= 1.5.4 - CSV Injection

The Advanced Order Export For WooCommerce WordPress plugin was affected by a CSV Injection security vulnerability...

6.8CVSS2.7AI score0.05209EPSS
Exploits6References2Affected Software1
WPVulnDB
WPVulnDB
added 2018/06/01 12:0 a.m.21 views

wpForo Forum <= 1.4.11 - Unauthenticated Reflected Cross-Site Scripting (XSS)

Version 1.4.11, and below, of the wpForo Forum WordPress Plugin were found to be vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability was due to the Plugin using the $SERVER'REQUESTURI' PHP variable to create a URL string that was later output within HTML without any output encodin...

4.3CVSS6.1AI score0.0363EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2018/05/28 12:0 a.m.21 views

JS Job <= 1.0.6 - CSRF

The JS Job Manager WordPress plugin was affected by a CSRF security vulnerability...

6.8CVSS2.4AI score0.00649EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2018/05/27 12:0 a.m.21 views

Membermouse < 2.2.9 - Blind SQL Injection

Note: It seems like the affected plugin is the premium version from https://membermouse.com, the free one has been closed as of v1.2.0...

7.5CVSS2AI score0.0218EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2018/04/24 12:0 a.m.21 views

UK Cookie Consent <= 2.3.9 - Authenticated Stored Cross-Site Scripting (XSS)

A persistent cross-site scripting vulnerability has been identified in the web interface of the plugin that allows the execution of arbitrary HTML/script code to be executed in a victim's web browser. Tested on version 2.3.9 older versions may also be affected PoC 1 Access WordPress control panel...

3.5CVSS3.5AI score0.03892EPSS
Exploits5References1Affected Software1
WPVulnDB
WPVulnDB
added 2018/04/04 12:0 a.m.21 views

WordPress 3.7-4.9.4 - Remove localhost Default

Description Don't treat localhost as same host by default...

6.1CVSS6.1AI score0.03264EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2018/04/04 12:0 a.m.21 views

WordPress 3.7-4.9.4 - Escape Version in Generator Tag

Description Make sure the version string is correctly escaped for use in generator tags...

6.1CVSS6.3AI score0.05259EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2018/01/30 12:0 a.m.21 views

WP Retina 2x <= 5.2.0 - Cross-Site Scripting (XSS)

The WP Retina 2x WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.6AI score0.00918EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2018/01/17 12:0 a.m.21 views

BuddyBoss Media <= 3.2.3 - Stored XSS

The album description does not perform input / output validation. According to the researcher: No reply from vendor. Issue not patched. Vulnerability can be exploited by any user. Form not vulnerable to CSRF. PoC '"...

3.5CVSS1.3AI score0.00723EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2017/12/19 12:0 a.m.21 views

AccessPress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload

Improper sanitization allows the attacker to override the settings for allowed file extensions and upload file size. This allows the attacker to upload anything they want, bypassing the filters. PoC OST /wp-admin/admin-ajax.php?action=apfileuploadactionuploadernonce=nonce=php=64000 HTTP/1.1...

7.5CVSS0.9AI score0.19151EPSS
Exploits6References2Affected Software1
WPVulnDB
WPVulnDB
added 2017/12/05 12:0 a.m.21 views

Z-URL Preview <= 1.6.2 - Cross-Site Scripting (XSS)

The Z-URL Preview WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.9AI score0.01467EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2017/10/17 12:0 a.m.21 views

Max Mega Menu <= 2.3.8 - Authenticated XSS

The Max Mega Menu WordPress plugin was affected by an Authenticated XSS security vulnerability...

4.3CVSS3.2AI score0.00905EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2017/09/16 12:0 a.m.21 views

Post Pay Counter < 2.731 - PHP Obj Injection & Access Control Issues

The Post Pay Counter WordPress plugin was affected by a PHP Obj Injection & Access Control Issues security vulnerability...

7.5CVSS2.5AI score0.02072EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2017/08/21 12:0 a.m.21 views

Liveforms < 3.4.0 - XSS

The Live Forms – Easy Drag and Drop Form Builder Plugin for WordPress WordPress plugin was affected by a XSS security vulnerability...

4.3CVSS2.4AI score0.00915EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2017/07/25 12:0 a.m.21 views

Weblibrarian < 3.4.8.6 - XSS

The WebLibrarian WordPress plugin was affected by a XSS security vulnerability...

4.3CVSS2.9AI score0.00888EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2017/07/24 12:0 a.m.21 views

Popup Maker <= 1.6.4 - Authenticated Cross-Site Scripting (XSS)

The Popup Maker – Popup Forms, Opt-ins & More WordPress plugin was affected by an Authenticated Cross-Site Scripting XSS security vulnerability...

4.3CVSS2AI score0.01634EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2017/07/21 12:0 a.m.21 views

WordPress Plugin IBPS Online Exam <= 1.0 - Authenticated SQL Injection / Cross-Site Scripting

Exploit Author: 8bitsec Contact Author: https://twitter.com/8bitsec Stored XSS on exam input textfields and Blind SQL Injection on 'examappUserResult' page 'id' parameter. PoC Authenticated Stored XSS: Logged as a student: Write the payload in the input textfields while attempting an exam. The...

6.5CVSS6.7AI score0.01576EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2017/06/29 12:0 a.m.21 views

Postman SMTP Mailer/Email Log - Cross-Site Scripting (XSS)

The postman-smtp WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

4.3CVSS1.3AI score0.01011EPSS
Exploits1References3Affected Software1
WPVulnDB
WPVulnDB
added 2017/05/31 12:0 a.m.21 views

Easy Team Manager 1.3.2 - Authenticated Blind SQL Injection

The easy-team-manager WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability...

7.5CVSS2.8AI score0.02958EPSS
Exploits1References2Affected Software1
Total number of security vulnerabilities5000