Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.18 views

Page Builder by AZEXO <= 1.27.133 - Contributor+ Stored Cross-Site Scripting via shortcode

The plugin does not validate and escape the attributes of the azhpost shortcode before outputting them back into the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins...

6.4CVSS5.9AI score0.0048EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.12 views

Kanban Boards for WordPress < 2.5.21 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.16 views

CRM and Lead Management by vcita <= 2.7.1 - Settings Update Via CSRF

The plugin does not protect its settings page against CSRF attacks, allowing an unauthenticated attacker to inject arbitrary web scripts by tricking a user with the contributor role or higher to click a link. The plugin does not protect its settings page against CSRF attacks, allowing an...

6.5CVSS6.8AI score0.00335EPSS
Exploits2References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.14 views

Multiple plugins by vcita - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitize and the email field in the plugin settings, which could allow users with roles as low as contributor to inject arbitrary web scripts in the plugin settings page, which could target high privilege users such as administrators. PoC...

6.4CVSS6.7AI score0.00755EPSS
Exploits2References3Affected Software2
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.15 views

Contact Form Builder by vcita <= 4.10.2 - Settings Update Via CSRF

The plugin does not protect its settings page against CSRF attacks, allowing an unauthenticated attacker to change the plugin's settings, and on older versions...

6.1CVSS6.7AI score0.00295EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.22 views

Online Booking & Scheduling Calendar for WordPress by vcita < 4.3.1 - Unauthenticated Stored Cross-Site Scripting

The plugin does not sanitize and escape the businessid parameter of an unprotected REST route endpoint before rendering it back in pages on the website, allowing an unauthenticated attacker to inject arbitrary web scripts, which could target authenticated users such as administrators. PoC curl...

7.2CVSS6.7AI score0.00607EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.13 views

CRM and Lead Management by vcita < 2.7.0 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitize and escape the email and uid parameters in the plugin settings before rendering it on the page, which could allow users with roles as low as contributor to inject arbitrary web scripts targeting high privilege users such as administrators. PoC...

6.4CVSS8.8AI score0.00596EPSS
Exploits2References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.11 views

Page Builder by AZEXO <= 1.27.133 - Subscriber+ Post Creation

The plugin does not properly authorize post creation in it's azhaddpost ajax action, allowing any authenticated users to create posts with any post type and status, even when that should not have this capability...

5.4CVSS6.6AI score0.00503EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.18 views

Contact Form and Calls To Action by vcita <= 2.7.1 - Settings Update Via CSRF

The plugin does not protect its settings page against CSRF attacks, allowing an unauthenticated attacker to change the plugin's settings, and on older versions =a”alert2;...

6.1CVSS6.7AI score0.00293EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.13 views

Call Now Accessibility Button < 1.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS10AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.23 views

WooCommerce Box Office < 1.1.51 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC tickets columns='111"...

5.5AI score0.00429EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.15 views

VK Blocks < 1.58.0.0 - Contributor+ Settings Update via REST API

The plugin uses improper authorization for the REST API vk-blocks/v1/options/vkfontawesomeversion, allowing users with a role as low as contributor to change the vkfontawesomeversion option to an arbitrary value...

4.3CVSS10AI score0.00508EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.20 views

Page Builder by AZEXO <= 1.27.133 - Cross-Site Request Forgery (CSRF)

The plugin does not protect the ajax actions azhaddpost, azhduplicatepost, azhupdatepost and azhremovepost against CSRF attacks, allowing an unauthenticated attacker to add, modify and delete posts by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.00317EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.8 views

Page Builder by AZEXO <= 1.27.133 - Cross-Site Request Forgery (CSRF) to Stored XSS

The plugin does not protect the ajax actions azhsave against CSRF attacks, allowing an unauthenticated attacker to modify posts by tricking a logged in user with rights to edit the post to submit a crafted request. Furthermore if the targeted user has a role of editor or above, arbitrary web...

6.1CVSS6.2AI score0.00208EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.13 views

Contact Form Builder by vcita < 4.10.2 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitize and escape the email parameter in the plugin settings, which could allow users with roles as low as contributor to inject arbitrary web scripts targeting higher privileged users, such as administrators, into the plugin settings. PoC...

6.4CVSS5.9AI score0.0051EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.18 views

Multiple plugins by vcita - CSRF to Stored XSS in settings page

The plugin does not protect the live-site-parse-vcita-callback settings page against CSRF attacks, allowing an unauthenticated attacker to inject arbitrary web scripts by tricking a logged in user with contributor role or higher to click a link. PoC...

6.5CVSS6.9AI score0.00419EPSS
Exploits2References3Affected Software2
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.18 views

Online Booking & Scheduling Calendar for WordPress by vcita < 4.3.0 - Subscriber+ Denial of Service by account logout

The plugin does not validate authorization in the vcitalogout ajax action, allowing any logged in user with roles as low as subscriber to log the site out from the cvita account, causing a denial of service for the appointment scheduling functionality. PoC...

5.4CVSS8.6AI score0.00698EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.28 views

WooCommerce Box Office < 1.1.52 - Unauthenticated Ticket Barcode Update

The plugin does not have authorisation and CSRF when updating a ticket bar-code, allowing unauthenticated users to perform such action PoC curl https://example.com/wp-admin/admin-ajax.php -d "action=saveticketbarcodebarcodeimage=xxxbarcodetext=xxxxxid=86"...

6.5AI score0.00348EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/01 12:0 a.m.28 views

Bookly < 21.8 - Admin+ Stored Cross-Site Scripting via service titles

The plugin does not sanitize and escape service titles in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup...

4.8CVSS6.6AI score0.00373EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/31 12:0 a.m.17 views

Quick/Bulk Order Form for WooCommerce < 3.6.0 - Shop Manager+ Stored XSS

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Shop Manager to perform Stored Cross-Site Scripting attacks...

5.9CVSS5.9AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/31 12:0 a.m.45 views

File Manager Advanced Shortcode <= 2.3.2 - Unauthenticated Remote Code Execution through shortcode

The plugin does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users. PoC 1. Add the following shortcode to ...

9.8CVSS9.2AI score0.3962EPSS
Exploits8Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.21 views

Feather Login Page < 1.1.2 - Cross-Site Request Forgery to Privilege Escalation

The plugin does not protect its ftlpp-ext-expirable-login-link action against CSRF attacks, allowing an unauthenticated attacker to add users of any role on their behalf by tricking a logged in administrator to submit a crafted request. PoC POST...

8.8CVSS8.3AI score0.00331EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.22 views

AI-Engine < 1.6.83 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup. PoC Go to Meow Apps » AI Engine » Chatbot tab »...

4.8CVSS5.3AI score0.0047EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.13 views

Blog-in-Blog <= 1.1.1 - Editor+ Local File Inclusion via Shortcode

The plugin does not validate a shortcode attribute before using it to include a template file, allowing users with an editor role or above to include arbitrary files readable by the web server, and execute them in case of php files...

7.2CVSS7.1AI score0.0112EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.16 views

Blog-in-Blog <= 1.1.1 - Editor+ Stored Cross-Site Scripting via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back into the page, which could allow users with an editor role or above to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins...

5.5CVSS5.9AI score0.00482EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.15 views

bbp style pack < 5.5.6 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS6AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.17 views

Display post meta, term meta, comment meta, and user meta <= 0.4.1 - Contributor+ Stored Cross-Site Scripting

The plugin does not validate and escape post metadata before outputting it back into the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins...

6.4CVSS5.9AI score0.00368EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.15 views

Favorites < 2.3.3 - Contributor+ Stored Cross-Site Scripting via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back into the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks, which could be used against high-privilege users such as admins...

6.4CVSS5.9AI score0.00687EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.21 views

Nested Pages < 3.2.4 - Editor+ Plugin Settings Reset

The plugin does not properly authorize the npresetSettings ajax action, allowing users with an editor role or above to reset the plugin settings...

3.8CVSS6.8AI score0.00668EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.15 views

Feather Login Page < 1.1.2 - Missing Authorization to Non-Arbitrary User Deletion

The plugin does not check authorization when processing the ftlpp-ext-expirable-delete-user ajax action, which could allow users with roles as low as subscriber to delete temporary users generated by the plugin, furthermore it does not protect the action against CSRF attacks, allowing an...

5.4CVSS5.9AI score0.00442EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.22 views

CRM Perks Forms < 1.1.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape the formid field in the plugin settings page, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup. PoC...

4.8CVSS5.8AI score0.00604EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.28 views

Feather Login Page < 1.1.2 - Missing Authorization to Authentication Bypass and Privilege Escalation

The plugin lacks authorization checks in the ftlpp-ext-expirable-get-users ajax action, allowing logged in users with roles as low as subscriber to access the login links for the temporary users created by the plugin, which can be used for privilege escalation. PoC GET...

8.8CVSS8.3AI score0.00714EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.39 views

Jetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API

The plugin does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization. PoC curl --json ' "media": "tmpname": "/WPCONTENTPATH/wp-config.php"...

8.8CVSS9.3AI score0.04824EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.10 views

NextGen GalleryView <= 0.5.5 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

6.5CVSS6.7AI score0.0022EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.12 views

Wordapp <= 1.5.0 - Authorization Bypass via Insufficiently Unique Cryptographic Signature

The plugin uses an insufficiently unique cryptographic signature in the wapdxopconfigset function, which could allow an unauthenticated attacker to change the validationtoken in the plugin config, providing access to the plugin's remote control functionalities, such as creating an admin access UR...

9.8CVSS7.1AI score0.00526EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.31 views

Ultimate Member < 2.6.1 - Form Duplication via CSRF

The plugin does not have CSRF checks when duplicating a form, which could allow attackers to make logged in admins perform such actions via a CSRF attack...

8.8CVSS6.7AI score0.00227EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/30 12:0 a.m.12 views

Draw Attention < 2.0.12 - Subscriber+ Unauthorized Featured Image Modification

The plugin does not perform a capability check on the ajaxsetfeaturedimage function, allowing authenticated users with subscriber-level permissions to modify featured images of arbitrary posts using images from the media library...

4.3CVSS6.8AI score0.00508EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/29 12:0 a.m.16 views

Telegram Bot & Channel < 3.6.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/29 12:0 a.m.120 views

Gravity Forms < 2.7.4 - Unauthenticated PHP Object Injection

The plugin unserializes user input via the getfieldinput, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

7AI score0.00616EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/27 12:0 a.m.23 views

WP EasyCart < 5.4.9 - Multiple CSRFs

The plugin does not apply proper nonce validation routines in multiple AJAX requests, which makes it possible for attackers to trick an unsuspecting administrator into activating and deactivating products...

6.5CVSS6.8AI score0.00241EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/27 12:0 a.m.15 views

WP EasyCart < 5.4.9 - Product Deletion via CSRF

The plugin does not properly implement nonce validation on the processdeleteproduct function, leading to a Cross-Site Request Forgery vulnerability...

6.5CVSS6.8AI score0.00244EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/26 12:0 a.m.17 views

SlideOnline <= 1.2.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC The PoC will be displayed once the issue...

5.4CVSS5.9AI score0.00444EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/26 12:0 a.m.10 views

QueryWall: Plug'n Play Firewall <= 1.1.1 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. PoC 1. Send GET /wp-admin/admin.php?page=querywall=datetimegmt=desc%2cselectfromselectsleep20a 2. See SQL execution...

7.2CVSS9.6AI score0.0089EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/25 12:0 a.m.20 views

IP Metaboxes <= 2.1.1 - Unauthenticated Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS10AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/25 12:0 a.m.14 views

AI ChatBot < 4.5.6 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape numerous of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks to all admin when setting chatbot and all client when using chatbot PoC 1. Go to "Settings Language Settings ChatBot Keywords" 2...

4.8CVSS8.3AI score0.00442EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/25 12:0 a.m.14 views

Video Contest WordPress <= 3.2 - Cross-Site Request Forgery

The plugin does not adequately verify requests use nonces, leaving it susceptible to Cross-Site Request Forgery CSRF attacks...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/25 12:0 a.m.13 views

This Day In History <= 3.10.1 - Unauthenticated Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS10AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/25 12:0 a.m.15 views

File Renaming on Upload < 2.5.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Multiple inputs in the plugin's settings -- fo...

4.8CVSS8.2AI score0.00442EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/25 12:0 a.m.16 views

Google Map Shortcode <= 3.1.2 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin PoC Note: The...

5.4CVSS8.3AI score0.00444EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/25 12:0 a.m.23 views

Video Contest WordPress <= 3.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS10AI score0.00369EPSS
Exploits0Affected Software1
Total number of security vulnerabilities14603