Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.28 views

EventON < 2.1.2 - Unauthenticated Event Access

The plugin lacks authentication and authorization in its eventonicsdownload ajax action, allowing unauthenticated visitors to access private and password protected Events by guessing their numeric id. PoC https://example.com/wp-admin/admin-ajax.php?action=eventonicsdownloadid=value...

5.3CVSS9.3AI score0.42674EPSS
Exploits5Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.23 views

EventON < 2.1.2 - Unauthenticated Post Access via IDOR

The plugin does not validate that the eventid parameter in its eventonicsdownload ajax action is a valid Event, allowing unauthenticated visitors to access any Post including unpublished or protected posts content via the ics export functionality by providing the numeric id of the post. PoC...

5.3CVSS8.9AI score0.07398EPSS
Exploits5Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.11 views

Enable SVG Uploads <= 2.1.5 - Author+ Stored XSS via SVG

The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. PoC 1. Upload a malicious SVG: 2. Add to post and view SVG to see XSS...

5.4CVSS8.5AI score0.00544EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.36 views

tagDiv Cloud Library < 2.7 - Unauthenticated Arbitrary User Metadata Update to Privilege Escalation

The plugin does not have authorisation and CSRF in an AJAX action accessible to both unauthenticated and authenticated users, allowing unauthenticated users to change arbitrary user metadata, which could lead to privilege escalation by setting themselves as an admin of the blog. PoC To set the us...

8.8CVSS9.2AI score0.00492EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.35 views

PrePost SEO <= 3.0 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Add XSS payload to plugin's "Account API key" setting: ...

4.8CVSS4.9AI score0.00633EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.11 views

Greeklish-permalink <= 3.3 - Unauthenticated Post Slug Update

The plugin does not implement correct authorization or nonce checks in the cyrtransajaxold AJAX action, allowing unauthenticated and low-privilege users to trigger the plugin's functionality to change Post slugs either directly or through CSRF. PoC 1. Create a post with the name "Νέα ανάρτηση"...

4.3CVSS8.9AI score0.00267EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.22 views

AN_GradeBook <= 5.0.1 - Admin+ XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. When adding a new course in the plugin...

4.8CVSS7.9AI score0.00542EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.22 views

MStore API < 3.9.8 - Unauthenticated Blind SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement, leading to a Blind SQL injection exploitable by unauthenticated users. This is only exploitable if the site owner elected to pay to get access to the plugins' pro features, and uses the woocommerce-appointment...

9.8CVSS9.8AI score0.05505EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.12 views

Image Protector <= 1.1 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to...

4.8CVSS7.8AI score0.00542EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.25 views

Float menu < 5.0.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Add a new item in the plugin settings 2...

4.8CVSS5.3AI score0.00548EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.11 views

MojoPlug Slide Panel <= 1.1.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS8.2AI score0.00418EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.13 views

EventPrime < 3.0.6 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00411EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.17 views

Companion Sitemap Generator < 4.5.3 - Reflected XSS

The plugin does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC Make a logged-in admin open: https://example.com/wp-admin/tools.php?page=csg-sitemap=...

6.1CVSS8.4AI score0.00998EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.20 views

Multiple Plugins - Cross-Site Scripting From Third-party Library

The plugins use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability. PoC WP-Optimize - Reflected Cross-Site Scripting 1. Go to the plugin settings and in the "Images" section check the box "Create WebP version of image". 2...

6.1CVSS4.9AI score0.01158EPSS
Exploits2Affected Software2
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.17 views

HTTP Headers < 1.18.11 - Admin+ Remote Code Execution

This plugin allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability. PoC --- HTTP Headers Advanced settings and set the "Location of .hh-htpasswd" field to its previous value this is only required on Apache-based servers in order to reset a rule in...

7.2CVSS9.3AI score0.01716EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.17 views

MStore API < 3.9.9 - Unauthenticated Privilege Escalation

The plugin does not prevent visitors from creating user accounts with the role of their choice via their wholesale REST API endpoint. This is only exploitable if the site owner paid to access the plugin's pro features. PoC 1 Simulate the site has a valid Pro API key by running the following in WP...

9.8CVSS8.8AI score0.02168EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.167 views

Call Now Accessibility Button < 1.1 - Admin+ Stored Cross Site Scripting

Description The plugin does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting XSS attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. In the plugin's "Quick Start" field, add...

4.8CVSS4.7AI score0.00503EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.12 views

Call Now Accessibility Button < 1.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Fields in the "Options" section of the...

4.8CVSS5.4AI score0.00542EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.36 views

WooCommerce Product Vendors < 2.1.79 - ShopManager+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as ShopManager PoC As ShopManager, open the URL below...

7.4AI score0.00579EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.17 views

AI ChatBot < 4.6.1 - Admin+ Stored Cross-Site Scripting

The plugin does not adequately escape some settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC 1. Visit WPBot Lite Settings Language Center. 2. Within any of the tabs "General", "FAQ", or "ChatBot...

4.8CVSS5.3AI score0.00614EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/19 12:0 a.m.12 views

URL Shortify < 1.7.0 - Admin+ Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Navigate to "URL Shortify Settings Links"...

4.8CVSS5.4AI score0.00548EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/16 12:0 a.m.19 views

Google Map Shortcode <= 3.1.2 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/16 12:0 a.m.15 views

Template Debugger <= 3.1.2 - Cross-Site Request Forgery

The plugin does not adequately protect against Cross-Site Request Forgery CSRF attacks...

8.8CVSS6.9AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/16 12:0 a.m.17 views

WP Backup Manager <= 1.13.1 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/16 12:0 a.m.17 views

Unlimited Elements For Elementor < 1.5.67 - Contributor+ Arbitrary File Upload

The plugin does not validate files in its file manager feature, allowing users with a role of contributor and above to upload arbitrary files...

8.8CVSS7AI score0.01308EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/16 12:0 a.m.16 views

Recent Posts Slider <= 1.1 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, leading to a Cross-Site Request Forgery CSRF vulnerability...

6.5CVSS6.8AI score0.0022EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/16 12:0 a.m.11 views

LWS Tools < 2.4.2 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, making it vulnerable to Cross-Site Request Forgery CSRF attacks...

8.8CVSS6.8AI score0.00248EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/16 12:0 a.m.13 views

Galleria <= 1.0.3 - Cross-Site Request Forgery

The plugin does not properly verify requests use nonces, leading to a potential Cross-Site Request Forgery CSRF vulnerability...

6.5CVSS6.8AI score0.0022EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/16 12:0 a.m.16 views

Sermon'e – Sermons Online <= 1.0.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS5.8AI score0.00511EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/16 12:0 a.m.14 views

Seed Fonts 2.3.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/15 12:0 a.m.13 views

NextGen GalleryView <= 0.5.5 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00387EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/15 12:0 a.m.21 views

Contact Form by WD <= 1.13.23 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin PoC 1. When editing a form, go to "Settings MySQL Mapping". 2. Click "Add a Query" 3. When mapping the form to the...

9AI score0.00933EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/15 12:0 a.m.17 views

WP Affiliate Links <= 0.1.1 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00387EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/15 12:0 a.m.11 views

Google XML Sitemap for Videos <= 2.6.1 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/15 12:0 a.m.19 views

Flo Forms <= 1.0.40 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/15 12:0 a.m.16 views

MasterStudy LMS < 3.0.9 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.5CVSS7.7AI score0.00377EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/15 12:0 a.m.21 views

MasterStudy LMS < 3.0.9 - Subscriber+ Course Category Creation

The plugin does not have authorisation when creating category courses, allowing any authenticated users, such as subscriber to create arbitrary course category...

6.5CVSS8.4AI score0.00555EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/15 12:0 a.m.16 views

WooCommerce Stock Manager < 2.11.0 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, making it susceptible to Cross-Site Request Forgery CSRF attacks...

8.8CVSS6.8AI score0.00271EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.15 views

WordPress Contact Forms by Cimatti < 1.5.8 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

4.3CVSS10AI score0.00298EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.32 views

WooCommerce Stripe Payment Gateway < 7.4.1 - Unauthenticated PII Disclosure via IDOR

The plugin does not ensure that the order details to be displayed belongs to the user making the request, allows unauthenticated users to access sensitive information about the reorder details such as first/last names, email and address PoC As unauthenticated, see the source of...

7.5CVSS7.3AI score0.01214EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.11 views

Booking and Rental Manager < 1.2.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00442EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.15 views

Zephyr Project Manager < 3.3.94 - Plugin Data Deletion via CSRF

The plugin does not have CSRF check when deleting its data, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00248EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.15 views

Password Protected < 2.6.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00396EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.24 views

All Bootstrap Blocks < 1.3.7 - Cross-Site Request Forgery

The plugin does not properly validate user requests, leading to a potential Cross-Site Request Forgery CSRF vulnerability...

6.5CVSS6.8AI score0.0022EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.14 views

Securimage-WP <= 3.6.16 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, leading to potential CSRF vulnerabilities...

4.3CVSS6.8AI score0.00218EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.28 views

MStore API < 3.9.7 - Multiple CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks, such as Order Status Update, Order Title Update, Product Limit Update, Order Message Update, and Firebase Server Key Update...

4.3CVSS6.7AI score0.00316EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.17 views

Church Admin < 3.7.30 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.14 views

ARMember < 4.0.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/13 12:0 a.m.18 views

Disable WordPress Update Notifications <= 2.3.3 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, leading to potential CSRF vulnerabilities...

6.5CVSS6.8AI score0.0022EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/12 12:0 a.m.21 views

YaySMTP < 2.4.6 - Unauthenticated Stored Cross-Site Scripting

The plugin does not sufficiently sanitize and escape input from email contents, leading to the possibility of arbitrary web scripts injection in pages...

7.2CVSS7.2AI score0.00462EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities14603