Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•13 views

ImageRecycle pdf & image compression < 3.1.12 - Reflected XSS

Description The plugin does not sanitise and escape the page and s parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00331EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•13 views

WooCommerce PDF Invoice Builder < 1.2.91 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.4AI score0.00412EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•15 views

Font Awesome 4 Menus <= 4.7.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its fa and fa-stack shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.4CVSS5.6AI score0.0044EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•14 views

Duplicate Post Page Menu & Custom Post Type < 2.4.0 - Subscriber+ Post Duplication

Description The plugin is vulnerable to unauthorized page and post duplication due to a missing capability check on the duplicateppmcpostasdraft function in versions up to, and including, 2.3.1. This makes it possible for authenticated attackers with subscriber access or higher to duplicate posts...

4.3CVSS6.1AI score0.00406EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•20 views

WordPress Social Login <= 3.0.4 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its wordpresssocialloginmeta shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.4CVSS5.6AI score0.00359EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•23 views

Media Library Assistant < 3.10 - Unauthenticated Local/Remote File Inclusion & Remote Code Execution

Description The plugin is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mlastreamfile' parameter from the /includes/mla-stream-image.php file, where images are processe...

9.8CVSS9.6AI score0.82585EPSS
Exploits6References3Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•13 views

WooCommerce PDF Invoice Builder < 1.2.90 - Subscriber+ SQLi

Description The plugin does not properly sanitise and escape the pageId parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers...

8.8CVSS7AI score0.00619EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•12 views

WooCommerce PDF Invoice Builder < 1.2.91 - Invoice Update via CSRF

Description The plugin does not have CSRF check when updating invoices, which could allow attackers to make logged in admin perform such action via a CSRF attack...

4.3CVSS6.4AI score0.00245EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•17 views

User Email Verification for WooCommerce <= 3.5.0 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00324EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•15 views

ImageRecycle pdf & image compression < 3.1.11 - Reflected XSS

Description The plugin does not sanitise and escape the page parameters before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00331EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•13 views

WooCommerce PDF Invoice Builder < 1.2.92 - Subscriber+ Arbitrary Invoice Access

Description The plugin does not have authorisation in the GetInvoiceDetail function, allowing any authenticated users, such as subscriber to access arbitrary invoice by knowing or guessing the order and invoice IDs...

4.3CVSS6.4AI score0.00432EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•16 views

PixTypes <= 1.4.15 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6.1AI score0.00331EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•13 views

Woo Custom Emails <= 2.2 - Reflected XSS

Description The plugin does not sanitise and escape the wcemailsedit parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.2AI score0.00389EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/07 12:0 a.m.•22 views

BigBlueButton <= 3.0.0-beta.4 - Reflected XSS

Description The plugin does not sanitise and escape the username and tempentrypass parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00324EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•13 views

Custom Admin Login Page | WPZest <= 1.2.0 - Admin+ Stored XSS

Description The plugin does not validate and escape some settings, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS6AI score0.00316EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•11 views

My Account Page Editor < 1.3.2 - Subscriber+ Arbitrary File Upload

Description The plugin does not validate the profile picture to be uploaded, allowing any authenticated users, such as subscriber to upload arbitrary files to the server, leading to RCE PoC Prerequisite: This vulnerability requires the "Upload Profile Picture" option to be enabled, which isn't th...

6.2AI score0.00816EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•14 views

Plausible Analytics < 1.3.4 - Reflected XSS

Description The plugin does not sanitise and escape the page-url parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.2AI score0.00294EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•10 views

LINE Notify < 1.4.5 - Reflected XSS

Description The plugin does not sanitise and escape the uid parameter before outputting it back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.0033EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•17 views

Carrot <= 1.1.0 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.00316EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•5 views

Schedule Posts Calendar < 5.3 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

6AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•15 views

Avartan Slider Lite <= 1.5.3 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00324EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•19 views

CT Commerce <= 2.0.1 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS6AI score0.00316EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•17 views

WRC Pricing Tables < 2.3.9 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.00316EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•10 views

WebLibrarian <= 3.5.8.4 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00323EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•23 views

Newsletter < 7.9.0 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its newsletterform shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.4CVSS5.6AI score0.00437EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/06 12:0 a.m.•17 views

Online Booking & Scheduling Calendar for WordPress by vcita < 4.3.3 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00324EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/04 12:0 a.m.•17 views

All in One B2B for WooCommerce <= 1.0.3 - Unauthenticated Privilege Escalation

Description The plugin does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation. PoC curl 'https://example.com/' -d...

6.5AI score0.00569EPSS
Exploits2
WPVulnDB
WPVulnDB
•added 2023/09/04 12:0 a.m.•14 views

Library Viewer < 2.0.6.1 - Contributor+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.7AI score0.00374EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/04 12:0 a.m.•22 views

All in One B2B for WooCommerce <= 1.0.3 - Multiple CSRF

Description The plugin does not properly check nonce values in several actions, allowing an attacker to perform CSRF attacks. PoC This CSRF attack will reject a Quote in the database. 1. Go to All In One Quote Quotes 2. Click "Add quote", fill in the title, and save. 3. Find the Quote ID,...

8.8CVSS8.7AI score0.00321EPSS
Exploits2
WPVulnDB
WPVulnDB
•added 2023/09/04 12:0 a.m.•14 views

Atarim < 3.9.4 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

7.1CVSS5.6AI score0.0032EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/03 12:0 a.m.•18 views

Audio Player with Playlist Ultimate < 1.3 - Contributor+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.7AI score0.0031EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/01 12:0 a.m.•13 views

Social Share Boost <= 4.5 - Plugin Settings Update via CSRF

Description The plugin does not have CSRF checks in the syntaticalsettingscontent, which could allow attackers to make logged in users update plugin settings via CSRF attacks...

8.8CVSS6.5AI score0.00208EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/09/01 12:0 a.m.•11 views

YourMembership Single Sign On < 1.1.4 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.0031EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/09/01 12:0 a.m.•22 views

Activity Log < 2.8.8 - IP Spoofing

Description This plugin retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic. PoC Run the following code in the web browser and note on the backend that the IP address has been fake...

5.3CVSS5.4AI score0.00627EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/31 12:0 a.m.•21 views

Multiple Plugins from ServMask - Unauthenticated Access Token Update

Description The plugins do not have authorisation in the init function hooked to the admininit action, allowing unauthenticated attackers to update the access token PoC With the All-in-One WP Migration Box Extension installed, open the below URL as unauthenticated:...

6.3AI score0.09666EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/31 12:0 a.m.•12 views

Order Tracking Pro < 3.3.7 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape the order status parameter, which could allow users with a role of Admin to perform Cross-Site Scripting attacks...

4.8CVSS6.2AI score0.003EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/31 12:0 a.m.•13 views

Order Tracking Pro < 3.3.7 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape the startdate and enddate parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.2AI score0.00466EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•9 views

NotifyVisitors <= 1.0 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS6AI score0.00366EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•11 views

Ditty < 3.1.25 - Reflected XSS

Description The plugin does not sanitise and escape some parameters and generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC...

6.1CVSS6AI score0.00812EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•7 views

FileOrganizer < 1.0.3 - Admin+ Arbitrary File Access

Description The plugin does not restrict functionality on multisite instances, allowing site admins to gain full control over the server. PoC On a multisite instance, log in as an admin. Click on File Organizer in the sidebar. The UI gives full control to the files on the server, despite not bein...

7.2CVSS7.1AI score0.00628EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•13 views

Popup Builder < 4.2.0 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. Note: The vendor was made aware of th...

4.8CVSS4.6AI score0.00379EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•14 views

Import XML and RSS Feeds < 2.1.4 - Admin+ Arbitrary File Upload

Description The plugin does not filter file extensions for uploaded files, allowing an attacker to upload a malicious PHP file, leading to Remote Code Execution. PoC NOTE: Because of an error in this version of the plugin, the following POC only works on PHP versions previous to 8.0. 1. As an...

7.2CVSS7.3AI score0.01698EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•15 views

WishSuite < 1.3.5 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.00366EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•13 views

Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE

Description The plugin contains a web shell, allowing unauthenticated attackers to perform RCE. The plugin/vendor was not compromised and the files are the result of running a PoC for a previously reported issue https://wpscan.com/vulnerability/d4220025-2272-4d5f-9703-4b2ac4a51c42 and not deletin...

9.8CVSS9.5AI score0.39294EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•17 views

WP Job Portal < 2.0.6 - Unauthenticated SQLi

Description The plugin does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users PoC Setup as admin: Create a dummy company and a job if there are none Attack as unauthenticated: time curl -X POST --data...

9.8CVSS9.8AI score0.03096EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•18 views

Translate WordPress with GTranslate < 3.0.4 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. This vulnerability affects multiple...

4.8CVSS5.8AI score0.00402EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•18 views

GDPR Cookie Consent Notice Box < 1.1.7 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.00439EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•26 views

DoLogin Security < 3.7 - IP Spoofing

Description The plugin uses headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing. PoC 1. Send login request with x-forwarded-for: REDACTEDIP 2. See spoofed IP address in the "Login Attempts Log"...

5.3CVSS5.2AI score0.00624EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•32 views

Forminator < 1.25.0 - Unauthenticated Arbitrary File Upload

Description The plugin does not validate files to be uploaded before writing them on the server, allowing unauthenticated users to upload arbitrary files and lead to RCE...

9.8CVSS7.2AI score0.12749EPSS
Exploits3References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/30 12:0 a.m.•13 views

Locatoraid Store Locator < 3.9.24 - Reflected XSS

Description The plugin does not sanitise and escape the lpr-search parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC Setup as admin: - Locatoraid Configuration Google Maps Enter "none" a...

6.1CVSS6.1AI score0.0042EPSS
Exploits2Affected Software1
Total number of security vulnerabilities14603