Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
•added 2023/08/16 12:0 a.m.•17 views

WP Remote Users Sync < 1.2.12 - Subscriber+ Log Access

Description The plugin does not have authorisation in the refreshlogsasync function, allowing any authenticated users, such as subscriber to view logs...

4.3CVSS6.2AI score0.00533EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/16 12:0 a.m.•15 views

AFFILIATE Solution <= 1.0 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.00366EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/08/15 12:0 a.m.•14 views

WooCommerce Easy Duplicate Product < 0.3.0.1 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00379EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/14 12:0 a.m.•17 views

a3 Portfolio < 3.1.1 - Author+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks...

5.9CVSS4.9AI score0.00366EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/14 12:0 a.m.•20 views

Multiple Themes - Reflected XSS

Description The themes suffer from the same issue about the search box reflecting the results causing XSS which allows an unauthenticated attacker to exploit against users if they click a malicious link. PoC https://example.com/?s=katana/asd/...

6.1CVSS6.1AI score0.00972EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/14 12:0 a.m.•15 views

Media from FTP < 11.17 - Author+ Arbitrary File Access

Description The plugin does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases. In 11.16, the manageoptions capability was used, however is still insufficient in case of MultiSite...

8.8CVSS8.6AI score0.00654EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/14 12:0 a.m.•15 views

Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access

Description The plugin does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server. PoC On a multisite installation, log in as a site admin. Notice that you are able to manage files on the server using th...

4.9CVSS5AI score0.00505EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/14 12:0 a.m.•14 views

Robo Gallery < 3.2.16 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to:...

4.8CVSS4.7AI score0.00402EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/14 12:0 a.m.•25 views

123.chat < 1.3.1 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC In the plugin's "User-ID" setting...

4.8CVSS4.9AI score0.00399EPSS
Exploits2
WPVulnDB
WPVulnDB
•added 2023/08/14 12:0 a.m.•16 views

Orders Tracking for WooCommerce < 1.2.6 - Admin+ Arbitrary File Access/Read

Description The plugin doesn't validate the fileurl parameter when importing a CSV file, allowing high privilege users with the managewoocommerce capability to access any file on the web server via a Traversal attack. The content retrieved is however limited to the first line of the file. PoC As ...

2.7CVSS3.6AI score0.00545EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/14 12:0 a.m.•15 views

User Activity Log < 1.6.7 - IP Spoofing

Description This plugin retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic. PoC 1. In User Activity Log Settings, enable the setting "Allow Ip Address of users to log." and save...

7.5CVSS7.5AI score0.00853EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/11 12:0 a.m.•30 views

Leyka < 3.30.3 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00338EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/11 12:0 a.m.•13 views

Gestion-Pymes <= 1.5.6 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.6AI score0.00316EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/08/11 12:0 a.m.•17 views

AGP Font Awesome Collection <= 3.2.4 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.00331EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/08/10 12:0 a.m.•15 views

WP Project Manager < 2.6.5 - Subscriber+ Privilege Escalation

Description The plugin does not have authorisation and does not properly check for the user metadata to be updated via the saveusersmapname function, allowing any authenticated users, such as subscriber to update their role and gain administrator privileges...

8.8CVSS6.5AI score0.00689EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/10 12:0 a.m.•15 views

Ninja Popups <= 4.7.5 - Unauthenticated Open Redirect

Description The plugin does not properly validate a redirect url, allowing unauthenticated attackers to redirect users to potentially malicious sites by clicking a link...

6.1CVSS6.5AI score0.00313EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/08/10 12:0 a.m.•11 views

EmbedPress < 3.8.3 - Subscriber+ Plugin Settings Delete

Description The plugin does not properly authorize access to its adminpostremove and removeprivatedata actions, allowing low privileged users such as subscribers to delete plugin settings...

5.4CVSS6.4AI score0.00419EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/10 12:0 a.m.•27 views

Contact Form Generator < 2.6.0 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.7AI score0.01231EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/10 12:0 a.m.•9 views

Realia <= 1.4.0 - User Email Change via Cross-Site Request Forgery

Description The plugin does not protect its processchangeprofileform action against CSRF attacks, allowing an unauthenticated attacker to change a users email by tricking a logged in administrator to submit a crafted request...

8.8CVSS6.5AI score0.00267EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/08/10 12:0 a.m.•16 views

EmbedPress < 3.8.3 - Contributor+ Stored Cross-Site Scripting via Shortcode

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back into the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admi...

6.4CVSS5.7AI score0.00423EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/10 12:0 a.m.•13 views

Absolute Privacy <= 2.1 - User Email/Password Change via Cross-Site Request Forgery

Description The plugin does not protect its abprprofileShortcode action against CSRF attacks, allowing an unauthenticated attacker to change a users email or password by tricking a logged in administrator to submit a crafted request...

8.8CVSS6.7AI score0.00276EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/08/10 12:0 a.m.•20 views

Store Locator WordPress < 1.4.13 - Reflected XSS

Description The plugin does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open the URL below...

6.1CVSS6AI score0.00645EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/10 12:0 a.m.•9 views

Post Timeline < 2.2.6 - Reflected XSS

Description The plugin does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open the URL below...

6.1CVSS6.1AI score0.00709EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•17 views

User Activity Log < 1.6.6 - Subscriber+ Log Export

Description The plugin lacks proper authorisation when exporting its activity logs, allowing any authenticated users, such as subscriber to perform such action and retrieve PII such as email addresses. PoC As a subscriber, open the following URL...

4.3CVSS4.5AI score0.00427EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•8 views

Real Estate Manager <= 6.7.1 - Subscriber+ Privilege Escalation

Description The plugin does not validate user metadata to be updated via its remsaveprofilefront function, allowing any authenticated users, such as subscriber to change their role to administrator for example by giving the related wpcapabilities when they update their profile...

8.8CVSS6.4AI score0.00622EPSS
Exploits1
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•10 views

FULL - Customer < 2.3 - Subscriber+ Health Check Disclosure

Description The plugin does not have proper authorisation in its health REST API, allowing any authenticated user, such as subscriber to access it and retrieve sensitive information from the WordPress health check...

4.3CVSS6AI score0.00432EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•15 views

Profile Builder < 3.9.8 - Unauthenticated Plugin's Pages Creation

Description The plugin lacks authorisation and CSRF in its page creation function which allows unauthenticated users to create the register, log-in and edit-profile pages from the plugin on the blog PoC 1. Access the URL:...

4.3CVSS7.1AI score0.002EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•9 views

FULL - Customer < 2.3 - Subscriber+ Arbitrary Plugin Installation

Description The plugin does not have proper authorisation in its install-plugin REST API, allowing any authenticated users, such as subscriber to install plugins from arbitrary sources...

8.8CVSS6.4AI score0.00765EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•12 views

Chat Button < 1.8.10 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.4AI score0.00316EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•31 views

eaSYNC <= 1.3.8 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00331EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•16 views

Divi < 4.20.3 - Contributor+ Stored XSS

Description The theme does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS6.1AI score0.00358EPSS
Exploits0
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•12 views

PDQ CSV <= 1.0.0 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup...

5.9CVSS6.3AI score0.00316EPSS
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/08/09 12:0 a.m.•13 views

Post Connector < 1.0.10 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup...

5.9CVSS6.8AI score0.00316EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/08 12:0 a.m.•14 views

Chatbot < 4.7.8 - Admin+ Stored XSS in Language Settings

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. In the plugin settings, select...

4.8CVSS4.8AI score0.00408EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/08 12:0 a.m.•20 views

WPBulky < 1.0.10 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not properly sanitize user input via its sanitize function, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.7AI score0.0031EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/08 12:0 a.m.•11 views

Chatbot < 4.7.8 - Admin+ Stored XSS in FAQ Builder

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Navigate to "WPBot Lite -...

4.8CVSS5.1AI score0.00416EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/08 12:0 a.m.•12 views

Biometric Login for WooCommerce < 1.0.4 - Unauthenticated Privilege Escalation

Description The plugin does not validate that a user's WebAuthn authentication request succeeded before sending them authentication cookies, making it possible for unauthenticated attackers to take over any accounts having WebAuthn credentials set up on affected sites. PoC While on the site not...

7.3AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•25 views

Rank Math SEO < 1.0.119.1 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.6AI score0.00332EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•13 views

Simple Blog Card < 1.32 - Subscriber+ Arbitrary Post Access

Description The plugin does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated users, such as subscriber, to retrieve arbitrary post title and their content such as draft, private and password protected ones PoC Run the below command in the developer...

4.3CVSS4.8AI score0.00453EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•11 views

GDPR Cookie Compliance < 4.12.5 - License Update/Deactivation via CSRF

Description The plugin does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks PoC Make a logged in admin open a page with the code below To make them deactivate the license To mak...

6.5CVSS7.1AI score0.00269EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•18 views

CartFlows Pro < 1.11.13 - CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

6.3AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•16 views

WP Ultimate CSV Importer < 7.9.9 - Imported Files Disclosure

Description The plugin does not protect its imported files, which could allow unauthenticated users to list and view exported files...

7.5CVSS6.5AI score0.0057EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•9 views

POEditor < 0.9.8 - Settings Reset via CSRF

Description The plugin does not have CSRF checks in various places, which could allow attackers to make logged in admins perform unwanted actions, such as reset the plugin's settings and update its API key via CSRF attacks. PoC...

4.3CVSS7AI score0.00218EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•14 views

CodeBard's Patron Button and Widgets for Patreon < 2.1.9 - Reflected XSS

Description The plugin does not sanitise and escape the siteaccount parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00331EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•12 views

All Users Messenger <= 1.24 - Subscriber+ Message Deletion via IDOR

Description The plugin does not prevent non-administrator users from deleting messages from the all-users messenger. PoC 1 Go to the messenger 2 Catch a request that is constantly running at intervals of 3 seconds 3 Change the message time argument to true 4 Set true for permission to delete a...

4.3CVSS4.6AI score0.00402EPSS
Exploits2References1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•27 views

wpShopGermany IT-RECHT KANZLEI < 1.8 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.4AI score0.00316EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•13 views

WP Ultimate CSV Importer < 7.9.9 - Author+ Privilege Escalation

Description The plugin does not validate User Metadata, which could allow author and above roles who have been granted access to the plugin settings to update their role to administrator...

8.8CVSS6.7AI score0.00612EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•13 views

User Activity Tracking and Log < 4.0.9 - License Update/Deactivation via CSRF

Description The plugin does not have proper CSRF checks when managing its license, which could allow attackers to make logged in admins update and deactivate the plugin's license via CSRF attacks PoC Make a logged in admin open a page with the code below To make them deactivate the license To mak...

4.3CVSS4.7AI score0.00218EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•17 views

WpStream < 4.5.5 - Local Event Settings Update via CSRF

Description The plugin does not have CSRF check when updating its local event settings, which could allow attackers to make logged in admin perform such action via a CSRF attack...

8.8CVSS6.3AI score0.00209EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/08/07 12:0 a.m.•14 views

CartFlows Pro < 1.11.12 - Reflected Cross-Site Scripting

Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS5.8AI score0.00331EPSS
Exploits0Affected Software1
Total number of security vulnerabilities14603