Lucene search
K
WpvulndbMost viewed

14602 matches found

WPVulnDB
WPVulnDB
added 2024/02/05 12:0 a.m.19 views

Shareaholic < 9.7.12 - Missing Authorization via accept_terms_of_service

Description The Professional Social Sharing Buttons, Icons & Related Posts – Shareaholic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'accepttermsofservice' function in all versions up to, and including, 9.7.11. This makes it...

6.7AI score0.00192EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/02 12:0 a.m.20 views

Orbit Fox by ThemeIsle < 2.10.29 - Unauthenticated Connected API Keys Update

Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check on the registerreference function, allowing unauthenticated attackers to update the connected API keys...

5CVSS7.1AI score0.0056EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/02 12:0 a.m.19 views

WPDashboardNotes < 1.0.11 - Unauthorised Deletion of Private Notes

Description The plugin is vulnerable to Insecure Direct Object References IDOR in postid= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of least privilege and compromises...

6.4AI score0.00402EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/02 12:0 a.m.19 views

LearnDash LMS < 4.10.2 - Sensitive Information Exposure via assignments

Description The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.1 via direct file access due to insufficient protection of uploaded assignments. This makes it possible for unauthenticated attackers to obtain those uploa...

5CVSS6.7AI score0.02419EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/02 12:0 a.m.19 views

DearFlip < 2.2.27 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via outline settings due to insufficient input sanitization and output escaping on user supplied data, allowing authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that wi...

5.4CVSS5.4AI score0.00442EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/02/02 12:0 a.m.19 views

Ninja Forms Contact Form < 3.7.2 - Unauthenticated Second Order SQL Injection

Description The plugin is vulnerable to Second Order SQL Injection via the email address value submitted through forms due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

7.5CVSS8AI score0.00778EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/02/01 12:0 a.m.19 views

ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks < 3.1.5 - PHP Object Injection via wopb_wishlist and wopb_compare

Description The ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.4 via deserialization of untrusted input from the 'wopbwishlist' and 'wopbcompare' cookies. This makes it possible for...

4CVSS7.3AI score0.00519EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/31 12:0 a.m.19 views

SiteOrigin Widgets Bundle < 1.58.2 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the code editor due to insufficient input sanitization and output escaping, allowing authenticated attackers, with contributor access or higher, to perform Stored XSS attacks...

4.9CVSS5.3AI score0.00531EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/31 12:0 a.m.19 views

Starbox < 3.4.8 - Subscriber+ Plugin Preferences / User Settings Access via IDOR

Description The plugin is vulnerable to Insecure Direct Object Reference via the action function due to missing validation on a user controlled key. This makes it possible for subscribers to view plugin preferences and potentially other user settings...

4CVSS6.7AI score0.00576EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/31 12:0 a.m.19 views

Mang Board WP < 1.7.8 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.3CVSS4.9AI score0.00316EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/24 12:0 a.m.19 views

Content Views < 3.6.3 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.3CVSS5.7AI score0.00499EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/20 12:0 a.m.19 views

Getwid – Gutenberg Blocks < 2.0.5 - Captcha Bypass

Description The plugin is vulnerable to CAPTCHA Bypass in versions up to, and including, 2.0.4. This makes it possible for unauthenticated attackers to bypass the Captcha Verification of the Contact Form block by omitting 'g-recaptcha-response' from the 'data' array...

5.3CVSS6.7AI score0.00534EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/20 12:0 a.m.19 views

PDF Invoices & Packing Slips for WooCommerce < 3.7.6 - Shop Manager+ SQL Injection

Description The plugin is vulnerable to SQL Injection via the getnumbers function in all versions up to, and including, 3.7.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attacker...

7.6CVSS7.5AI score0.0058EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/19 12:0 a.m.19 views

Post views Stats <= 1.3 - Reflected Cross-Site Scripting via from and to

Description The Post views Stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'from’ and 'to' parameters in versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.1CVSS6.2AI score0.00334EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/01/17 12:0 a.m.19 views

Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect

Description The plugin is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action. PoC...

6.5AI score0.01254EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/17 12:0 a.m.19 views

Orbit Fox by ThemeIsle < 2.10.28 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table Elementor Widget in all versions up to, and including, 2.10.27 due to insufficient input sanitization and output escaping on the user supplied link URL...

6.4CVSS5.8AI score0.00525EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/15 12:0 a.m.19 views

MailerLite – WooCommerce integration < 2.0.9 - Missing Authorization via Multiple Functions

Description The MailerLite – WooCommerce integration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple functions in versions up to, and including, 2.0.8. This makes it possible for authenticated attackers, with subscriber-level...

6.7AI score0.00407EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/12 12:0 a.m.19 views

Infogram <= 1.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Infogram plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject...

6.5CVSS5.5AI score0.0031EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/01/12 12:0 a.m.19 views

pTypeConverter <= 0.2.8.1 - Authenticated (Editor+) SQL Injection

Description The pTypeConverter plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 0.2.8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers...

8.8CVSS7.5AI score0.00539EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/01/12 12:0 a.m.19 views

Ideal Interactive Map <= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Ideal Interactive Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, ...

6.5CVSS5.9AI score0.00328EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/01/10 12:0 a.m.19 views

EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure

Description The plugins do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set for example for Zoom PoC curl -X POST --data "eid=240"...

5.3CVSS5.5AI score0.00453EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.19 views

Quiz And Survey Master < 8.1.19 - Quiz Results Deletion via CSRF

Description The plugin does not have CSRF checks in some functions, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks, such as delete quiz results...

5.4CVSS7.1AI score0.00197EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.19 views

Local Delivery Drivers for WooCommerce < 1.9.1 - Missing Authorization to Driver Account Takeover

Description The Local Delivery Drivers for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'lddfweditdriverservice' function in all versions up to, and including, 1.9.0. This makes it possible for...

7AI score0.00538EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.19 views

WooCommerce PDF Invoices < 4.3.0 - Shop Manager+ Arbitrary Options Update

Description The plugin does not have proper authorisation in its JSON import feature, which could allow Shop Manager and above roles to update arbitrary blog options...

7.2AI score0.00643EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.19 views

FastDup < 2.1.8 - Sensitive Information Exposure via Log File

Description The FastDup – Fastest WordPress Migration & Duplicator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.7 via the plugin's log file. This makes it possible for unauthenticated attackers to extract sensitive data including...

7.5CVSS6.9AI score0.0048EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.19 views

Events Shortcodes & Templates For The Events Calendar < 2.3.2 - Authenticated (Contributor+) SQL Injection via shortcode

Description The Events Shortcodes & Templates For The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 2.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existi...

8.8CVSS7.5AI score0.00544EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.19 views

WP Frontend Profile < 1.3.2 - Unauthenticated Privilege Escalation

Description The plugin is vulnerable to privilege, allowing unauthenticated attackers to take over arbitrary accounts on the site...

9.5AI score0.00538EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.19 views

Orbit Fox Companion < 2.10.27 - Contributor+ Stored XSS

Description The plugin is vulnerable to Stored Cross-Site Scripting via the plugin's custom fields due to insufficient input sanitization and output escaping on user supplied values, allowing authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in...

6.4CVSS5.8AI score0.00403EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.19 views

Active Products Tables for WooCommerce < 1.0.6.1 - Unauthenticated PHP Object Injection

Description The Active Products Tables for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.6 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. If a POP chain is...

10CVSS7.7AI score0.00651EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/05 12:0 a.m.19 views

Uncode Core < 2.8.7 - Reflected Cross-Site Scripting

Description The uncode-core plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in all versions up to, and including, 2.8.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrar...

7.1CVSS6.5AI score0.00351EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.19 views

All-in-one Floating Contact Form < 2.1.4 - Unauthenticated Unauthorised Action

Description The plugin does not have authorisation check in a function, which could allow unauthenticated users to perform an unauthorised action...

6.8AI score0.00485EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.19 views

Add Any Extension to Pages < 1.5 - Cross-Site Request Forgery via aaetp_options_page

Description The Add Any Extension to Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the 'aaetpoptionspage' function. This makes it possible for unauthenticated attackers to...

8.8CVSS6.6AI score0.00227EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.19 views

Crowdsignal Dashboard < 3.1.0 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00354EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.19 views

Stylish Price List < 7.0.18 - Missing Authorization

Description The Stylish Price List plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on multiple functions in versions up to, and including, 7.0.17. This makes it possible for authenticated attackers, with contributor-level access a...

9.8CVSS6.7AI score0.00249EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.19 views

RegistrationMagic < 5.2.5.1 - Form Submission Limit Bypass

Description The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to form submission limit bypass in all versions up to, and including, 5.2.5.0 due to insufficient protection logic. This makes it possible for unauthenticat...

6.8AI score0.0033EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.19 views

AI Power: Complete AI Pack – Powered by GPT-4 < 1.8.3 - Missing Authorization to Sensitive Data Exposure

Description The AI Power: Complete AI Pack – Powered by GPT-4 plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wpaicgexportlogscallback function in all versions up to, and including, 1.8.2. This makes it possible for unauthenticated attackers to...

7.5CVSS6.8AI score0.0048EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/04 12:0 a.m.19 views

WooCommerce Stripe Payment Gateway < 7.6.2 - Unauthenticated Order Deletion via IDOR

Description The plugin doe snot properly check for ownership of completed/pending orders, allowing unauthenticated users to put such order in the trash and delete them...

9.8CVSS7.2AI score0.00599EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/03 12:0 a.m.19 views

MapPress Maps for WordPress < 2.88.14 - Contributor+ Stored XSS

Description The plugin does not sanitize and escape the Point of Interest Title and Description options in a map, allowing Contributor and above role to perform Stored Cross-Site Scripting attacks PoC As a contributor, add/edit a Map and search any location you want. Add XSS Payload on Location’s...

6.4CVSS5.4AI score0.00547EPSS
Exploits2References2Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/03 12:0 a.m.19 views

OMGF < 5.7.10 - Unauthenticated Directory Deletion & Stored XSS

Description The plugin is vulnerable to unauthorized modification of data and Stored Cross-Site Scripting due to a missing capability check on the updatesettings function hooked via admininit. This makes it possible for unauthenticated attackers to update the plugin's settings which can be used t...

8.6CVSS6AI score0.00478EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/03 12:0 a.m.19 views

FooGallery Premium < 2.4.6 - Contributor+ Stored XSS

Description The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attributes in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping. This makes it possible for contributors an...

6.4CVSS5.9AI score0.00407EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/03 12:0 a.m.19 views

FunnelKit Checkout < 3.11.0 - Subscriber+ Arbitrary Plugin Activation

Description The FunnelKit Checkout plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on an unknown function in all versions up to, and including, 3.10.3. This makes it possible for authenticated attackers, with subscriber access and above, t...

6.8AI score0.00294EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/03 12:0 a.m.19 views

Ultimate Addons for Beaver Builder < 1.35.14 - Contributor+ Arbitrary File Download

Description The Ultimate Addons for Beaver Builder plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.35.13. This makes it possible for authenticated attackers, with Contributor access and above, to read the contents of a limited subset of arbitrary...

6.5AI score0.00562EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/03 12:0 a.m.19 views

Piotnet Forms < 1.0.30 - Missing Authorization via multiple AJAX actions

Description The plugin is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX functions, allowing unauthenticated attackers to save draft posts and download arbitrary JSON files from the server...

9.4AI score0.00295EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/01/02 12:0 a.m.19 views

Autotitle for WordPress <= 1.0.3 - Settings Update to Stored XSS via CSRF

Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. PoC...

8.8CVSS6.5AI score0.00346EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2023/12/29 12:0 a.m.19 views

Booking Calendar WpDevArt < 3.2.12 - Admin+ SQLi

Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.7AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/26 12:0 a.m.19 views

Ultimate Dashboard < 3.7.12 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.4AI score0.00402EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/19 12:0 a.m.19 views

MW WP Form < 5.0.4 - Improper Limitation of File Name to Unauthenticated Arbitrary File Deletion

Description The MW WP Form plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 5.0.3. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete...

9.8CVSS7.9AI score0.01313EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/19 12:0 a.m.19 views

Image horizontal reel scroll slideshow < 13.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS5.7AI score0.00445EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/16 12:0 a.m.19 views

Getwid < 2.0.3 - Unauthenticated Arbitrary Email Sending to Admin

Description Any unauthenticated user may send e-mail from the site with any title or content to the admin PoC fetch"http://127.0.0.1:8001/wp-admin/admin-ajax.php?action=getwidsendmail", "headers": "content-type": "application/x-www-form-urlencoded", , "body": "datasubject=Urgent WordPress update...

7.5CVSS6.6AI score0.00563EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/12/13 12:0 a.m.19 views

WP Photo Album Plus < 8.6.01.005 - IP Spoofing

Description The plugin does not properly check for IP addresses, allowing attackers to spoof IP addresses via headers and bypass the login protection offered by the plugin...

9.4AI score0.00311EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities5000