Lucene search
K
WpvulndbMost viewed

14602 matches found

WPVulnDB
WPVulnDB
โ€ขadded 2023/03/20 12:0 a.m.โ€ข20 views

Simple Giveaways < 2.45.1 - Editor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its Giveaways options, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Login with an editor user and add/edi...

4.8CVSS4.9AI score0.00446EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/28 12:0 a.m.โ€ข20 views

Preview Link Generator < 1.0.4 - Arbitrary Plugin Activation via CSRF

The plugin does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack PoC fetch'https://example.com/wp-admin/admin-ajax.php', method: 'POST', headers: new Headers 'Content-Type':...

4.3CVSS5.4AI score0.00337EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/28 12:0 a.m.โ€ข20 views

NEX-Forms < 8.3.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC 1. Add a form 2. Insert the following...

5.4CVSS5.4AI score0.00503EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/27 12:0 a.m.โ€ข20 views

Maspik โ€“ Spam blacklist < 0.7.9 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions in the file /admin/partials/contact-forms-anti-spam-log.php against CSRF attacks, allowing an unauthenticated attacker to clear plugin logs and stat counter by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/23 12:0 a.m.โ€ข20 views

ReviewX < 1.6.4 - Subscriber+ SQLi

The plugin does not properly sanitise and escape the filterValue and selectedColumns parameters before using them in SQL statements via the rxexportreview AJAX action available to any authenticated users, leading to a SQL injection exploitable by users with a role as low as subscriber PoC Run the...

8.8CVSS9.1AI score0.00872EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/23 12:0 a.m.โ€ข20 views

Simple Portfolio Gallery <= 0.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/20 12:0 a.m.โ€ข20 views

10WebMapBuilder < 1.0.73 - Unauthenticated SQLi

The plugin does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection PoC Note: /2022/12/29/map/ is page/post where the GoogleMapsWD is embed POST /2022/12/29/map/ HTTP/1.1...

9.8CVSS9.3AI score0.03911EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/17 12:0 a.m.โ€ข20 views

Google Maps v3 Shortcode <= 1.2.1 - Contributor+ XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.0037EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/16 12:0 a.m.โ€ข20 views

Campaign URL Builder < 1.8.2 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC The shortcode need to be active can be...

5.4CVSS5.4AI score0.00444EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/16 12:0 a.m.โ€ข20 views

Schema - All In One Schema Rich Snippets < 1.6.6 - Multiple CSRF

The plugin does not properly validate a user intended to do an action, which they could have done using nonce checks. This makes it possible for attackers to conduct CSRF attacks against an unsuspecting administrator, tricking their browser into editing some of the plugin's settings...

8.8CVSS6AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/15 12:0 a.m.โ€ข20 views

Archivist - Custom Archive Templates < 1.7.5 - Stored XSS via CSRF

The plugin does not have CSRF when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

8.8CVSS6AI score0.00248EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/07 12:0 a.m.โ€ข20 views

Responsive Pricing Table < 5.1.7 - Contributor+ Stored XSS

The plugin does not sanitise and escape the fields.title parameter, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00492EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/07 12:0 a.m.โ€ข20 views

Slider by Supsystic <= 1.8.6 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00276EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/02/06 12:0 a.m.โ€ข20 views

Quick Contact Form < 8.0.4 - Contributor+ Stored XSS

The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.2AI score0.00386EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/27 12:0 a.m.โ€ข20 views

JS Help Desk < 2.7.2 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00264EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/27 12:0 a.m.โ€ข20 views

Advanced Form Integration < 1.63.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/27 12:0 a.m.โ€ข20 views

VikBooking Hotel Booking Engine & PMS < 1.5.12 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/24 12:0 a.m.โ€ข20 views

Spectra < 1.15.0 - Contributor+ Stored Cross-Side Scripting

The plugin does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks. PoC Note: The exploit requires the Contact Form 7 plugin. Exploit Additional CSS classes for โ€œContact Form 7 Stylerโ€ Gutenberg...

5.4CVSS5.1AI score0.00507EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/24 12:0 a.m.โ€ข20 views

Markup <= 4.8.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wp-structuring-markup-breadcrumb class=...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/23 12:0 a.m.โ€ข20 views

WP Google Review Slider < 11.8 - Subscriber+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber. PoC Run the following code in the browser console on any WP Admin page. fetch'/wp-admin/admin-ajax.php', method: 'POST...

8.8CVSS9.1AI score0.00919EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/20 12:0 a.m.โ€ข20 views

WP Time Slots Booking Form < 1.1.82 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/19 12:0 a.m.โ€ข20 views

GiveWP < 2.24.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC givemultiformgoal image='"...

5.4CVSS5AI score0.00555EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/19 12:0 a.m.โ€ข20 views

3com Asesor de Cookies <= 3.4.3 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS4.7AI score0.00392EPSS
Exploits0
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/17 12:0 a.m.โ€ข20 views

Simple URLs < 115 - Multiple Reflected XSS

The plugin does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC https://example.com/wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=...

6.1CVSS5.6AI score0.01726EPSS
Exploits6Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/13 12:0 a.m.โ€ข20 views

WP-OliveCart <= 1.1.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/13 12:0 a.m.โ€ข20 views

WP Better Emails <= 0.4 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/12 12:0 a.m.โ€ข20 views

WP Blog and Widget < 2.3.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Note:...

5.4CVSS1.6AI score0.00649EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/11 12:0 a.m.โ€ข20 views

WOOF - Products Filter for WooCommerce < 1.3.2 - Admin+ PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC 1. To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

7.2CVSS3.1AI score0.01313EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/11 12:0 a.m.โ€ข20 views

Vimeo Video Autoplay Automute <= 1.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC vimeo clipid="1" color="'...

5.4CVSS2.9AI score0.0055EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/10 12:0 a.m.โ€ข20 views

Royal Elementor Addons < 1.3.60 - Subscriber+ Arbitrary Template Activation

The plugin does not have authorisation and CSRF checks when activating templates, which could allow any authenticated user, such as subscriber to perform such action...

4.3CVSS3.2AI score0.00603EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/10 12:0 a.m.โ€ข20 views

Easy Testimonials < 3.9.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC 1. Insert...

5.4CVSS2.8AI score0.00649EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/03 12:0 a.m.โ€ข20 views

Bold Timeline Lite < 1.1.5 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Exploit...

5.4CVSS2.6AI score0.01011EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/02 12:0 a.m.โ€ข20 views

Google Analyticator < 6.5.6 - Admin+ PHP Object Injection

The plugin unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present PoC To simulate a gadget chain, put the following code in a plugin: class Evil public function wakeup : void...

7.2CVSS0.8AI score0.01046EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2023/01/02 12:0 a.m.โ€ข20 views

Booster for WooCommerce - Multiple CSRF

The plugins have either flawed CSRF checks or are missing them completely in numerous places, allowing attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS5.2AI score0.00339EPSS
Exploits0Affected Software3
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/29 12:0 a.m.โ€ข20 views

Passster < 3.5.5.8 - Contributor+ Stored Cross-Site Scripting

The plugin does not escape the area parameter of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks. PoC passster password="1" area='" style="animation-name:twentytwentyone-close-button-transition" onanimationend="alert/XSS///'...

5.4CVSS3.3AI score0.00393EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/29 12:0 a.m.โ€ข20 views

Video Conferencing with Zoom < 4.0.10 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC 1. Insert...

5.4CVSS2.3AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/28 12:0 a.m.โ€ข20 views

Product Slider for WooCommerce < 2.6.4 - Contributor+ Stored XSS in Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Install t...

5.4CVSS0.9AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/19 12:0 a.m.โ€ข20 views

Mautic Integration For WooCommerce < 1.0.3 - Arbitrary Options Update via CSRF

The plugin does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack. The attack could also be performed via a LFI if one is present ...

4.3CVSS2AI score0.00308EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/16 12:0 a.m.โ€ข20 views

iPages Flipbook For WordPress < 1.4.7 - Contributor+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC 1. Create a new book item with whatever role, even if it's an Administrator. 2...

5.4CVSS0.8AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/13 12:0 a.m.โ€ข20 views

WP Custom Admin Interface < 7.29 - Admin+ PHP Object Injection

The plugin unserialize user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. PoC action=importsettings=O%3a4%3a%22Evil%22%3a0%3a%7b%7d%3b=6960d7bb50...

7.2CVSS4.5AI score0.17686EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/12 12:0 a.m.โ€ข20 views

Web Invoice <= 2.1.3 - Authenticated SQLi

The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as subscriber could exploit this as well PoC...

7.2CVSS1AI score0.00983EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/07 12:0 a.m.โ€ข20 views

BookingPress < 1.0.31 - Unauthenticated IDOR in appointment_id

The plugin suffers from an Insecure Direct Object Reference IDOR vulnerability in it's thank you page, allowing any visitor to display information about any booking, including full name, date, time and service booked, by manipulating the appointmentid query parameter. PoC curl -s...

5.3CVSS0.5AI score0.00669EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/04 12:0 a.m.โ€ข20 views

2kb Amazon Affiliates Store <= 2.1.5 - Reflected XSS

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...

6.1CVSS5.6AI score0.00392EPSS
Exploits0
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/01 12:0 a.m.โ€ข20 views

Afterpay Gateway for WooCommerce < 3.5.1 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape some parameters, allowing an attacker to trick a visitor to send a request with XSS payloads that will trigger when they visit the site...

6.1CVSS4.4AI score0.00427EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/12/01 12:0 a.m.โ€ข20 views

Google Apps Login < 3.4.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to the setting page of this plugin. 2...

4.8CVSS0.6AI score0.00532EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/11/28 12:0 a.m.โ€ข20 views

Directorist < 7.4.4 - Subscriber+ Sensitive Information Disclosure

The plugin does not prevent users with low privileges like subscribers from accessing sensitive system information. PoC fetch'http://wpscan.local/wp-admin/admin-ajax.php', method: 'POST', headers: new Headers 'Content-Type': 'application/x-www-form-urlencoded', , body: 'action=sendsysteminfo',...

6.5CVSS1.1AI score0.00699EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/11/28 12:0 a.m.โ€ข20 views

InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE

The plugin insecurely uses PHP's extract function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers. PoC Invoke the following shell commands to disclose the /etc/passwd file: Define the payload "pagepath"...

9.8CVSS0.09519EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/11/21 12:0 a.m.โ€ข20 views

Icegram Express < 5.5.1 - Subscriber+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscriber PoC Open the below URL when logged in as a subscriber and notice the 5s delay...

8.8CVSS0.9AI score0.00742EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/11/17 12:0 a.m.โ€ข20 views

News Announcement Scroll < 9.0.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS2.5AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
โ€ขadded 2022/11/17 12:0 a.m.โ€ข20 views

Chameleon < 1.4.4 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS2AI score0.00392EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000