14602 matches found
Simple Paypal Shopping Cart <= 3.5 - Cross-Site Request Forgery (CSRF)
The WordPress Simple PayPal Shopping Cart WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...
WordPress 2.0 - 3.0.1 Multiple Cross-Site Scripting (XSS) in request_filesystem_credentials()
...
slidedeck2 < 2.1.20130313 - XSS in ZeroClipboard
The SlideDeck 2 Lite Responsive Content Slider WordPress plugin was affected by a XSS in ZeroClipboard security vulnerability. PoC /wp-content/plugins/slidedeck2/js/zeroclipboard/ZeroClipboard.swf?id="catcheif!self.aself.a=!alertdocument.cookie//...
plugin wordTube <= 1.43 - (wpPATH) RFI
The wordtube WordPress plugin was affected by a wpPATH RFI security vulnerability...
Wordpress <= 1.5.1.3 - Remote Code Execution
...
Advanced Dewplayer <= 1.2 - download-file.php dew_file Parameter Traversal Arbitrary File Access
The Advanced Dewplayer WordPress plugin was affected by a download-file.php dewfile Parameter Traversal Arbitrary File Access security vulnerability...
Simple Share Buttons Adder 4.4 - options-general.php Multiple Admin Actions CSRF
The Simple Share Buttons Adder WordPress plugin was affected by an options-general.php Multiple Admin Actions CSRF security vulnerability...
WP Tmkm Amazon <= 1.5b - XSS
The wp-tmkm-amazon WordPress plugin was affected by a XSS security vulnerability...
TinyMCE Color Picker 1.1 - tinymce-colorpicker.php Missing edit_others_posts Capability Check
The TinyMCE Color Picker WordPress plugin was affected by a tinymce-colorpicker.php Missing editothersposts Capability Check security vulnerability...
WP eBay Product Feeds < 1.2 - Cross-Site Scripting via rss_url Parameter
The WP eBay Product Feeds WordPress plugin was affected by a Cross-Site Scripting via rssurl Parameter security vulnerability. PoC http://localhost/wordpress/wp-content/plugins/ebay–feeds–for–wordpress/magpie/scripts/magpieslashbox.php?rssurl=%3Cscript%3Ealert%281%29%3C/script%3E...
Podcast Channels < 0.28 - Unauthenticated Reflected XSS
The Podcast Channels WordPress plugin was affected by an Unauthenticated Reflected XSS security vulnerability. PoC http://127.0.0.1/wp-content/plugins/podcast–channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&...
WP e-Commerce Swipe <= 3.1.0 - Multiple XSS Issues
The last time it was checked the plugin was still affected and had been closed. PoC...
Wordpress Social Login < 2.1.5 - XSS
The WordPress Social Login WordPress plugin was affected by a XSS security vulnerability...
Nextend Facebook Connect <= 1.4.59 - Cross-Site Scripting (XSS)
The Nextend Social Login and Register WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...
Media File Renamer <= 1.7.0 - Stored Cross-Site Scripting (XSS)
The Media File Renamer – Auto & Manual Rename WordPress plugin was affected by a Stored Cross-Site Scripting XSS security vulnerability...
Contact Form 3.34 - contact_form.php cntctfrm_contact_message Parameter XSS
The Contact Form by BestWebSoft WordPress plugin was affected by a contactform.php cntctfrmcontactmessage Parameter XSS security vulnerability...
Quick Post Widget 1.9.1 - Multiple Cross-Site Scripting (XSS)
The quick-post-widget WordPress plugin was affected by a Multiple Cross-Site Scripting XSS security vulnerability...
Events Manager < 5.1.7 - Cross-Site Scripting (XSS)
The Events Manager WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...
Pretty Link Lite <= 1.5.3 - Cross-Site Scripting (XSS)
The Pretty Links – Link Management, Branding, Tracking & Sharing Plugin WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...
Survey And Quiz Tool <= 2.9.2 - Cross Site Scripting
The wp-survey-and-quiz-tool WordPress plugin was affected by a Cross Site Scripting security vulnerability...
Slideshow Gallery 2 <= 1.1.4 - Cross-Site Scripting (XSS)
The last time it was checked the plugin was still affected and had been closed...
WordPress 0.7 - SQL Injection
...
Visualizer < 3.11.2 - Authenticated (Subscriber+) SQL Injection
Description The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to SQL Injection via the saveQuery function in all versions up to, and including, 3.11.1 due to a missing capability check on a function that runs SQL Queries. This makes it possible for...
BuddyForms <= 2.8.9 - Email Verification Bypass due to Insufficient Randomness
Description The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification...
Integrate Google Drive < 1.3.94 - Missing Authorization
Description The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and includin...
Save as PDF Plugin by Pdfcrowd < 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Save as PDF Plugin by Pdfcrowd plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! < 1.0.48 - Authenticated (Contributor+) Stored Cross-Site Scripting via Trigger Link Shortcode
Description The SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Trigger Link shortcode in all versions up to, and including, 1.0.47 due to insufficient input sanitization and output...
DethemeKit For Elementor < 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via slitems Attribute
Description The DethemeKit For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slitems' attribute within the plugin's De Product Tab & Slide widget in all versions up to, and including, 2.1.4 due to insufficient input sanitization and output escaping on user...
HUSKY – Products Filter Professional for WooCommerce < 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.3.5.3 due to insufficient input sanitization and output escaping on user supplied attributes...
FooBox (Free and Premium) < 2.7.28 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC Go to settings and change the...
Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders < 5.8.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Carousel Widget
Description The Essential Addons for Elementor PRO – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Team Member Carousel widget in all Pro versions up to, and including, 5.8.14 due to insufficient...
Testimonial Carousel For Elementor < 10.2.1 - Missing Authorization to Limited Setting Update
Description The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savetestimonialsoptioncallback' function in versions up to, and including, 10.2.0. This makes it possible for unauthenticated...
Unlimited Elements for Elementor < 1.5.108 - Contributor+ SQLi
Description The plugin is vulnerable to SQL Injection via the ‘datapostids0’ parameter due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and...
YITH WooCommerce Ajax Search < 2.4.1 - Unauthenticated Stored Cross-Site Scripting
Description The YITH WooCommerce Ajax Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘item’ parameter in versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
WP Photo Album Plus < 8.7.00.004 - Unauthenticated Arbitrary Shortcode Execution
Description The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.7.02.003. This is due to the plugin allowing unauthenticated users to execute an action that does not properly validate a value before running doshortcod...
ChaosTheory < 1.3.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting
Description The ChaosTheory theme for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject...
Order Export & Order Import for WooCommerce < 2.5.0 - Authenticated (Administrator+) PHP Object Injection
Description The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.9 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Administrator-level access and above,...
Uber Menu < 3.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes
Description The UberMenu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ubermenu-col, ubermenumobileclosebutton, ubermenutoggle, ubermenu-search shortcodes in all versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on...
ArForms < 6.6 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Add or edit an existing form an...
Testimonial Carousel For Elementor < 10.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'showlinetext ' and 'slidebuttonhoveranimation' parameters in versions up to, and including, 10.1.1 due to insufficient input sanitization and output escaping. This makes i...
Heateor Social Login WordPress < 1.1.32 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Heateor Social Login WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.1.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
Stockholm < 9.7 - Authenticated (Contributor+) Local File Inclusion
Description The Stockholm theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution ...
Arigato Autoresponder and Newsletter < 2.7.2.4 - Cross-Site Request Forgery
Description The Arigato Autoresponder and Newsletter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.2.3. This is due to missing or incorrect nonce validation on the contactform function. This makes it possible for unauthenticated attacke...
MC Woocommerce Wishlist < 1.7.9 - Missing Authorization
Description The MC Woocommerce Wishlist plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deleteitem function in versions up to, and including, 1.7.8. This makes it possible for unauthenticated attackers to remove items from wishlists...
Custom Post Type Attachment < 3.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via pdf_attachment Shortcode
Description The Custom Post Type Attachment plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pdfattachment' shortcode in all versions up to, and including, 3.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
Email Subscribers by Icegram Express < 5.7.20 - Missing Authorization in handle_ajax_request
Description The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handleajaxrequest function in all versions up to, and including, 5.7.19. This makes it possible f...
YITH WooCommerce Gift Cards < 4.13.0 - Missing Authorization to Unauthenticated WooCommerce Settings Update
Description The YITH WooCommerce Gift Cards plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savemailstatus' and 'saveemailsettings' functions in all versions up to, and including, 4.12.0. This makes it possible for unauthenticated...
Ninja Forms – The Contact Form Builder That Grows With You < 3.8.1 - Admin+ Stored Cross-Site Scripting
Description The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a form field in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for...
Gutenberg Blocks with AI by Kadence WP – Page Builder Features < 3.2.20 - Contributor+ Server-Side Request Forgery
Description The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.2.19. This makes it possible for authenticated attackers, with contributor-level access and above, to make web...
LearnPress – WordPress LMS Plugin < 4.2.6.6 - Unauthenticated Bypass to User Registration
Description The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4.2.6.5. This is due to missing checks in the 'createaccount' function in the checkout. This makes it possible for unauthenticated attackers to...