Lucene search
K
WpvulndbMost viewed

14602 matches found

WPVulnDB
WPVulnDB
•added 2023/05/11 12:0 a.m.•19 views

Slimstat Analytics < 5.0.5 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.0041EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/03 12:0 a.m.•19 views

UserAgent-Spy <= 1.3.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/26 12:0 a.m.•19 views

WooCommerce Multivendor Marketplace – REST API < 1.6.0 - Subscriber+ Arbitrary Orders Item And Notes Update

The plugin does not properly implement capability checks on the 'getitem', 'getordernotes', and 'addordernote' functions, leading to potential unauthorized access and addition of those items by authenticated users with subscriber privileges or above...

6.7AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/19 12:0 a.m.•19 views

EZP Maintenance Mode <= 1.0.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00461EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/19 12:0 a.m.•19 views

Continuous announcement scroller <= 13.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/18 12:0 a.m.•19 views

BadgeOS <= 3.7.1.6 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00246EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/18 12:0 a.m.•19 views

Themify Portfolio Post < 1.2.5 - Editor+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.00364EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/18 12:0 a.m.•19 views

ApexChat < 1.3.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/17 12:0 a.m.•19 views

Japanized For WooCommerce < 2.5.8 - Reflected XSS

The plugin does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting PoC With the PeachPay payment gateway enabled can be enabled via the settings: http://example.com/wp-admin/admin.php?page=wc4jp-options=payment Make a logged in admin open the...

6.1CVSS6.4AI score0.0085EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/17 12:0 a.m.•19 views

NEX-Forms < 8.4 - Admin+ SQL Injection

The plugin does not properly escape the table parameter, which is populated with user input, before concatenating it to an SQL query. PoC POST /wp-admin/admin-ajax.php HTTP/1.1 Deleted Headers action=nfupdaterecord=Injection PointId=1=shared=exploit%60fields=/Deleted Content/...

7.2CVSS7.4AI score0.44629EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/17 12:0 a.m.•19 views

LearnPress Export Import < 4.0.3 - Reflected XSS

The plugin does not sanitise and escape the learn-press-export-file-name parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/13 12:0 a.m.•19 views

Ultimate Noindex Nofollow Tool II < 1.3.4 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

8.8CVSS8.5AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/11 12:0 a.m.•19 views

Web Stories < 1.32 - Author+ Auth Bypass

The plugin does not check password protections on posts before performing some actions, allowing users with the Author role or higher to perform unauthorized actions on posts. The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password...

6.5CVSS6.7AI score0.00442EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/06 12:0 a.m.•19 views

Product Catalog Simple < 1.7.0 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.4AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/05 12:0 a.m.•19 views

WCFM Frontend Manager < 6.6.0 - Multiple CSRF

The plugin does not have CSRF checks in numerous AJAX actions, allowing any attackers to make logged in admin modify knowledge bases/notices/payments, manage vendors/capabilities etc via CSRF attacks...

8.8CVSS8.7AI score0.00248EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/04/05 12:0 a.m.•19 views

WCFM Marketplace < 3.5.0 - Multiple CSRF

The plugin does not have CSRF in various AJAX actions, allowing attackers to make logged in admin modify shipping method details/products, delete arbitrary posts, etc via CSRF attacks...

8.8CVSS8.8AI score0.00248EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/30 12:0 a.m.•19 views

Premmerce Redirect Manager <= 1.0.10 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00309EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/20 12:0 a.m.•19 views

Kanban Boards for WordPress <= 2.5.20 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/17 12:0 a.m.•19 views

WP Express Checkout < 2.2.9 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. If the 'Admin Dashboard Access Permission' is set...

4.8CVSS5.4AI score0.00352EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/16 12:0 a.m.•19 views

Import External Images <= 1.4 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/14 12:0 a.m.•19 views

Chronoforms <= 7.0.9 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.0026EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/14 12:0 a.m.•19 views

WP Basic Elements <= 5.2.15 - Cross-Site Request Forgery (CSRF)

The plugin does not protect its wpbesavesettings ajax actions against CSRF attacks, allowing an unauthenticated attacker to update the plugin settings by tricking a logged in admin to submit a crafted request...

8.8CVSS6.8AI score0.00253EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/13 12:0 a.m.•19 views

Klaviyo < 3.0.8 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.4AI score0.00396EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/08 12:0 a.m.•19 views

Daily Prayer Time <= 2023.05.04 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

6.7AI score0.00324EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/06 12:0 a.m.•19 views

Gallery Blocks with Lightbox < 3.0.8 - Subscriber+ Arbitrary Options Update

The plugin has an AJAX endpoint that can be accessed by any authenticated users, such as subscriber. The callback function allows numerous actions, the most serious one being reading and updating the WordPress options which could be used to enable registration with a default administrator user...

8.1CVSS7.7AI score0.00731EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/06 12:0 a.m.•19 views

Formidable Forms < 6.1 - IP Spoofing

The plugin uses several potentially untrusted headers to determine the IP address of the client, leading to IP Address spoofing and bypass of anti-spam protections. PoC 1. In WordPress's Settings Discussion page, add your IP address to the Disallowed Comment Keys field. This will block form...

6.5CVSS6.8AI score0.00498EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/03/03 12:0 a.m.•19 views

FareHarbor for WordPress < 3.6.7 - Admin+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role of Admin to perform Cross-Site Scripting attacks...

5.9CVSS6.1AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/28 12:0 a.m.•19 views

NEX-Forms < 8.3.3 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC 1. Add a form 2. Insert the following...

5.4CVSS5.4AI score0.00503EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/21 12:0 a.m.•19 views

GetResponse for WordPress <= 5.5.31 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC grwebform center='on'...

5.4CVSS5AI score0.00534EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/21 12:0 a.m.•19 views

Jobs for WordPress < 2.5.11 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/20 12:0 a.m.•19 views

Video Background < 2.7.5 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC v 2.7.5 vidbg loop="1;alert/XSS-loop/;...

5.4CVSS4.9AI score0.00534EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/15 12:0 a.m.•19 views

Quick Paypal Payments < 5.7.26 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00361EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/15 12:0 a.m.•19 views

Service Area Postcode Checker <= 2.0.8 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/14 12:0 a.m.•19 views

Client Logo Carousel <= 3.0.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Note: 1. First, you need to add a...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/13 12:0 a.m.•19 views

Shoppable Images Lite < 1.2.4 - Arbitrary Post Deletion via CSRF

The plugin does not have CSRF checks in some places, for example when deleting/updating images. Furthermore, it does not ensure that the image to be deleted are actually images, which could allow attackers to make logged in admins delete arbitrary posts via a CSRF attack...

8.8CVSS6.8AI score0.00248EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/10 12:0 a.m.•19 views

Quick Paypal Payments < 5.7.26 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/08 12:0 a.m.•19 views

Replyable < 2.2.10 - Subscriber+ PHP Object Injection

The plugin does not validate the class name submitted by the request when instantiating an object in the promptdismissnotice action and also lacks CSRF check in the related action. This could allow any authenticated users, such as subscriber to perform Object Injection attacks. The attack could...

8.8CVSS8.6AI score0.00511EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/06 12:0 a.m.•19 views

Visualizer < 3.9.2 - Contributor+ Stored XSS

The plugin does not sanitise and escape some parameters in the renderChartPages function, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00508EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/06 12:0 a.m.•19 views

ShopLentor < 2.5.2 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

5.4CVSS5.5AI score0.00229EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•19 views

Embed PDF <= 1.0.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC gdoc class='"...

5.4CVSS5AI score0.0049EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•19 views

Galleries by Angie Makes <= 1.67 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC gallery ids='1' captions="'...

5.4CVSS5.4AI score0.00466EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/02/02 12:0 a.m.•19 views

Multi-column Tag Map < 17.0.25 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.1AI score0.00386EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/31 12:0 a.m.•19 views

Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to Namaste Settings, and at Payment...

4.8CVSS5.2AI score0.00527EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/24 12:0 a.m.•19 views

LearnPress Plugin < 4.2.0 - Subscriber+ SQLi

The plugin does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks Note: The original advisory mentioned that the issue is only exploitable by contributors, b...

9.1CVSS8.9AI score0.01005EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/24 12:0 a.m.•19 views

WP Font Awesome < 1.7.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wpfa color='red" onmouseover="alert1...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/23 12:0 a.m.•19 views

WP TripAdvisor Review Slider < 10.8 - Subscriber+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber. PoC Run the following code in the browser console on any WP Admin page. fetch'/wp-admin/admin-ajax.php', method: 'POST...

8.8CVSS9.1AI score0.04356EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/20 12:0 a.m.•19 views

WP Smart Preloader < 1.15.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/19 12:0 a.m.•19 views

Page Loading Effects < 3.0.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/17 12:0 a.m.•19 views

Easy Accept Payments for PayPal < 4.9.10 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC wppaypalpaymentboxforanyamount...

5.4CVSS5.1AI score0.0054EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/01/17 12:0 a.m.•19 views

WP-CommentNavi < 1.12.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00392EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000