Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2023/07/10 12:0 a.m.19 views

Forminator < 1.24.4 - Reflected XSS

The plugin does not properly escape values that are being reflected inside form fields that use pre-populated query parameters, which could lead to reflected XSS attacks. PoC 1. Create a "Contact Us" form from the plugin presets 2. Click on the Message field, go to the "Settings" tab and choose a...

6.4AI score0.0354EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/10 12:0 a.m.28 views

BigContact <= 1.5.8 - Cross-Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in Arian Khosravi, Norik Davtian BigContact Contact Page plugin = 1.5.8 versions...

8.8CVSS6.9AI score0.00321EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/10 12:0 a.m.11 views

HT Feed < 1.2.8 - Cross-Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in HasThemes HT Feed plugin = 1.2.7 versions...

8.8CVSS6.9AI score0.00321EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/10 12:0 a.m.14 views

Short URL < 1.6.5 - Admin+ Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC In the plugin settings, add the POC to the...

6AI score0.00429EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/10 12:0 a.m.18 views

Mail Control <= 0.2.8 - Unauthenticated Stored Cross-Site Scripting via Email Subject

The plugin does not adequately sanitize input or escape output for email subjects, resulting in potential for stored cross-site scripting...

7.2CVSS6.6AI score0.00525EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/10 12:0 a.m.13 views

Social Media Icons Widget <= 1.6 - Cross-Site Request Forgery

The plugin does not adequately protect against Cross-Site Request Forgery CSRF attacks...

8.8CVSS6.9AI score0.00214EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/07 12:0 a.m.14 views

Getnet Argentina para Woocommerce < 0.0.5 - Unauthenticated Authorization Bypass

The plugin does not perform adequate validation on the 'webhook' function, which can lead to an unauthenticated user changing their payment status to 'APPROVED' without making an actual payment...

7.5CVSS7.5AI score0.00762EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/07 12:0 a.m.14 views

WordPress Mobile Pack <= 3.4.1 - Cross-Site Request Forgery

The plugin does not properly validate requests use nonces, leading to a Cross-Site Request Forgery CSRF vulnerability...

6.5CVSS6.8AI score0.00191EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/07 12:0 a.m.13 views

WP Dummy Content Generator < 3.0.0 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00331EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/06 12:0 a.m.37 views

FluentSMTP < 2.2.5 - Unauthenticated Stored Cross-Site Scripting

The plugin does not adequately sanitize and escape input in the email subject, making it possible to inject arbitrary web scripts that execute when a user accesses the affected page...

7.2CVSS6.9AI score0.00599EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.29 views

ShopLentor < 2.6.3 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

8.8CVSS6.7AI score0.00214EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.16 views

WPLMS < 4.900 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, making it susceptible to Cross-Site Request Forgery CSRF attacks...

8.8CVSS6.8AI score0.00248EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.14 views

Visibility Logic for Elementor < 2.3.5 - Cross-Site Request Forgery

The plugin does not properly validate requests using nonces, which makes it susceptible to Cross-Site Request Forgery attacks...

8.8CVSS6.8AI score0.00214EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.23 views

Media Library Helper by Codexin <= 1.2.0 - Cross-Site Request Forgery

The plugin does not properly validate requests using nonces, making it susceptible to Cross-Site Request Forgery CSRF attacks...

8.8CVSS6.8AI score0.00208EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.14 views

ARMember < 4.0.6 - ARMember Cross-Site Request Forgery

The plugin does not properly validate nonces in the armcheckusercap function, leading to a potential Cross-Site Request Forgery vulnerability. As a result, unauthenticated users can carry out actions without appropriate permissions, provided they manage to mislead a site administrator into clicki...

8.8CVSS6.8AI score0.0032EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.16 views

Classified Listing < 2.4.6 - Cross-Site Request Forgery

The plugin does not adequately verify requests using nonces, leading to a potential Cross-Site Request Forgery vulnerability...

8.8CVSS6.8AI score0.00208EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.14 views

WP Reroute Email < 1.5.0 - Unauthenticated Stored Cross-Site Scripting

The plugin does not properly sanitize and escape input in the email subject, leading to potential Stored Cross-Site Scripting issues. This flaw allows the injection of arbitrary web scripts that are executed whenever an injected page is accessed...

7.2CVSS5.9AI score0.00458EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.24 views

SMTP Mail <= 1.2.16 - Unauthenticated Stored Cross-Site Scripting

The plugin does not properly sanitize and escape input in email subjects when the 'Save Data SendMail' feature is enabled, leading to potential Stored Cross-Site Scripting issues...

7.2CVSS5.9AI score0.00491EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/05 12:0 a.m.21 views

WP Mail Log < 1.1.2 - Unauthenticated Stored Cross-Site Scripting

The plugin does not properly sanitize and escape email contents, leading to a potential Stored Cross-Site Scripting vulnerability. This issue allows for arbitrary web scripts to be injected into pages, which will execute when a user accesses an affected page...

7.2CVSS5.9AI score0.00458EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/04 12:0 a.m.29 views

Menubar < 5.9 - Cross-Site Request Forgery

The plugin does not properly implement anti-CSRF measures, potentially making it possible for unwanted actions to be performed in the user's session...

6.5CVSS6.8AI score0.00218EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/04 12:0 a.m.18 views

WP RSS Images <= 1.1 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, leading to a potential Cross-Site Request Forgery vulnerability...

8.8CVSS6.8AI score0.00253EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/04 12:0 a.m.17 views

WebwinkelKeur < 3.25 - Cross-Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in Albert Peschar WebwinkelKeur plugin = 3.24 versions...

8.8CVSS6.9AI score0.00331EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/03 12:0 a.m.13 views

Login/Signup Popup < 2.4 - Settings Reset via CSRF

The plugin does not have CSRF check when reseting its settings, which could allow attackers to make logged in admins perform such action via a CSRF attack PoC Make a logged in admin open https://example.com/wp-admin/admin.php?page=easy-login-woocommerce-settings=yes...

6.7AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/03 12:0 a.m.15 views

User Activity Log < 1.6.3 - Admin+ SQL Injection

The plugin does not properly sanitise and escape the txtsearch parameter before using it in a SQL statement in some admin pages, leading to a SQL injection exploitable by high privilege users such as admin. PoC As an admin, visit either of the following URL's. Note that it takes several seconds f...

7.2CVSS7.6AI score0.00717EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/03 12:0 a.m.15 views

Waitlist Woocommerce < 2.5.3 - Settings Reset via CSRF

The plugin does not have CSRF check when reseting its Settings, which could allow attackers to make logged in admins perform such action via a CSRF attack PoC Make a logged in admin open https://example.com/wp-admin/admin.php?page=waitlist-woocommerce-settings=yes...

6.7AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/29 12:0 a.m.18 views

SP Project & Document Manager < 4.68 - Subscriber+ Insecure Direct Object References

The plugin allows direct access to objects, allowing an authenticated user with subscriber privileges or above, to bypass authorization and change user passwords and potentially take over administrator accounts...

8.8CVSS8.7AI score0.00729EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/29 12:0 a.m.51 views

Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation

The plugin does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild. PoC POST /register/ HTTP/1.1 Host: wpscan-vulnerability-test-bench.ddev.site...

9.8CVSS8.9AI score0.72306EPSS
Exploits12References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/29 12:0 a.m.14 views

Web3 – Crypto wallet Login & NFT token gating < 2.7.0 - Authentication Bypass

The plugin does not properly perform authentication in the 'hiddenformdata' function, allowing an unauthenticated user to log in as any existing user on the site, such as an administrator, if they have access to the username...

9.8CVSS7.2AI score0.01108EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/29 12:0 a.m.18 views

User Registration < 3.0.2 - Subscriber+ PHP Object Injection

The plugin does not properly sanitize the 'profile-pic-url' parameter, leading to a potential PHP Object Injection. This vulnerability stems from the deserialization of untrusted input, potentially enabling a malicious user with subscriber-level permissions to inject a PHP Object. The issue may...

8.8CVSS6.9AI score0.00949EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/28 12:0 a.m.25 views

Active Directory Integration / LDAP Integration < 4.1.6 - Sensitive Information Disclosure

The plugin will expose Sensitive Information due to insufficient sanitization of the supplied username value...

8.6CVSS6.8AI score0.00532EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/28 12:0 a.m.38 views

WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) < 7.6.5 - Authentication Bypass

The improper credential validation on the plugin allows unauthenticated attackers to escalate privileges if administrator's emails is known...

9.8CVSS7.2AI score0.46242EPSS
Exploits4Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/28 12:0 a.m.20 views

Short URL < 1.6.5 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score0.00405EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/27 12:0 a.m.11 views

Salon Booking System < 8.4.8 - User Role change via CSRF

The plugin does not implement nonce checks, which could allow attackers to make a logged in admin change its own user role to customer...

5.4CVSS6.7AI score0.00296EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/27 12:0 a.m.18 views

NOO Timetable <= 2.1.3 - Cross-Site Request Forgery

The plugin does not adequately verify incoming requests using nonces, leading to potential Cross-Site Request Forgery vulnerabilities...

8.8CVSS6.8AI score0.00253EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/27 12:0 a.m.73 views

LearnDash LMS < 4.6.0.1 - User Account Takeover via Insecure Direct Object References

The plugin does not correctly manage access to system resources, resulting in Insecure Direct Object References. As a result, users can bypass authorization checks, leading to unauthorized changes to user passwords, potentially compromising administrator accounts...

8.8CVSS8.8AI score0.02233EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/27 12:0 a.m.17 views

Quiz Expert – Easy Quiz Maker, Exam and Test Manager <= 1.5.0 - Cross-Site Request Forgery

The plugin does not adequately verify requests, leading to a Cross-Site Request Forgery CSRF vulnerability...

8.8CVSS6.8AI score0.00253EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/27 12:0 a.m.22 views

WP Abstracts <= 2.6.2 - Cross-Site Request Forgery

The plugin does not sufficiently verify requests use nonces, leading to a CSRF vulnerability...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.20 views

WooCommerce Stripe Payment Gateway < 7.4.1 - Subscriber+ Order Intent Update

The plugin does not properly restrict users from making a certain set of changes to other customers' orders. TODO: ADD link to Patchstack's post instead of H1 PoC Affected functions: createpaymentintentajax updatepaymentintentajax saveupeappearanceajax updateorderstatusajax updatefailedorderajax ...

6.4AI score0.00614EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.18 views

Beautiful Cookie Consent Banner < 2.10.2 - Unauthenticated Stored Cross-Site Scripting

The plugin is affected by an Unauthenticated Stored Cross-Site Scripting XSS vulnerability due to a lack of input sanitization and output escaping...

7.2CVSS5.6AI score0.84461EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.20 views

Membership Plugin - Restrict Content < 3.2.3 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged-in admin open a page containing the HTML code below...

6.1CVSS5.7AI score0.0042EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.16 views

POST SMTP Mailer < 2.5.7 - Arbitrary Log Deletion via CSRF

The plugin does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the managepostmansmtp capability delete arbitrary logs via a CSRF attack. Note: The AJAX actions are also affected by SQL injections, making the issue PoC Make a logged in...

7AI score0.00266EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.15 views

SimpleModal Contact Form (SMCF) <= 1.2.9 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.12 views

Coupon Affiliates < 5.4.4 - Unauthenticated Reflected XSS

The plugin was vulnerable to Unauthenticated Reflected Cross-Site Scripting XSS via the 'wcucoupons' parameter...

7.1CVSS5.9AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.14 views

Subscribe2 – Form, Email Subscribers & Newsletters < 10.41 - Sending Emails via CSRF

The plugin does not implement nonce checks, which could allow attackers to make a logged-in admin send test emails with arbitrary content to users...

4.3CVSS6.8AI score0.00298EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.14 views

Order date time for WooCommerce < 3.0.20 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.17 views

Connections Business Directory < 10.4.37 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.5CVSS5.8AI score0.0037EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.14 views

WooCommerce Pre-Orders < 2.0.2 - Reflected XSS

The plugin does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC When there is at least one pre-order, make a logged in admin open the URL below...

6AI score
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.19 views

Subscribe2 – Form, Email Subscribers & Newsletters < 10.41 - Missing Access Controls

The vulnerability allows any Author leveled users to perform actions that only an administrator should be allowed to do e.g., sending unsolicited e-mail to users...

4.3CVSS6.8AI score0.00508EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.19 views

Direct checkout, Add to cart redirect for Woocommerce < 2.1.49 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.8AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/26 12:0 a.m.13 views

IFrame Shortcode <= 1.0.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.5CVSS5.8AI score0.00361EPSS
Exploits0Affected Software1
Total number of security vulnerabilities14603