Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
added 2023/05/25 12:0 a.m.16 views

IP Metaboxes <= 2.1.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS10AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/25 12:0 a.m.12 views

Product Gallery Slider for WooCommerce < 2.2.9 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an attacker to trick a logged in high privileged user to perform actions on their behalf by submitting a crafted request...

8.8CVSS6.5AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.18 views

Download < 2.0.5 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an attacker to trick a logged in high privilege user to perform actions on their behalf by submitting a crafted request...

8.8CVSS6.7AI score0.00271EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.11 views

WP Tiles <= 1.1.2 - Cross-Site Request Forgery

The plugin does not properly validate and verify requests use nonces, leading to a Cross-Site Request Forgery CSRF vulnerability...

8.8CVSS6.8AI score0.00253EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.17 views

Kopa Framework <= 1.3.5 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks. The original researcher didn't provide enough information on which actions could be performed...

8.8CVSS6.6AI score0.00318EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.13 views

Download < 1.1.0 - Cross-Site Request Forgery

The plugin does not properly validate and verify user requests use nonces, making it susceptible to Cross-Site Request Forgery CSRF attacks...

8.8CVSS6.8AI score0.00253EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.20 views

Booking Ultra Pro < 1.1.7 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks. The original researcher didn't provide enough information on which actions could be performed...

8.8CVSS8.2AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.15 views

Store Locator <= 3.98.7 - Settings Update via CSRF

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

8.8CVSS6.7AI score0.00269EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.27 views

MStore API < 3.9.3 - Authentication Bypass

The plugin does not properly verify the user provided when adding listing via its REST API, allowing unauthenticated users to login as an arbitrary user by providing their ID...

9.8CVSS7AI score0.67511EPSS
Exploits3Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.23 views

JetFormBuilder < 3.0.7 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.30 views

Drag and Drop Multiple File Upload – Contact Form 7 < 1.3.6.6 - File Upload and File deletion via CSRF

The plugin is lacking CSRF and validation when uploading or deleting files, which could allow attackers to make a logged-in admin upload or delete files via a CSRF attack...

8.8CVSS6.9AI score0.00248EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.28 views

WooCommerce Product Vendors < 2.1.77 - Unauthenticated Reflected XSS

The plugin does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...

7.1CVSS6.1AI score0.00382EPSS
Exploits1References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.11 views

Conditional Menus < 1.2.1 - Reflected XSS

The plugin does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the HTML code below...

6.1CVSS8.5AI score0.00493EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.16 views

Flickr Justified Gallery <= 3.5 - Cross-Site Request Forgery

The plugin does not properly validate incoming requests using nonces, leading to a potential Cross-Site Request Forgery CSRF vulnerability...

8.8CVSS6.8AI score0.00246EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.17 views

WP Custom Cursors < 3.2 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin. PoC 1. Add a new "WP Custom Cursor". 2. Return to the "WP Custom Cursors" page and click edit Cursor. 3.The WP Custom...

7.2CVSS7.7AI score0.00945EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.14 views

Easy Google Maps < 1.11.8 - Cross-Site Request Forgery (CSRF)

The plugin does not protect its ajax actions against CSRF attacks, allowing an attacker to trick a logged in high privilege user to perform actions on their behalf by submitting a crafted request...

5.4CVSS6.7AI score0.00282EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/24 12:0 a.m.20 views

Upload Resume <= 1.2.0 - Captcha Bypass

The plugin does not validate the captcha parameter when uploading a resume via the resumeuploadform shortcode, allowing unauthenticated visitors to upload arbitrary media files to the site. PoC The PoC will be displayed once the issue has been remediated...

5.3CVSS7.2AI score0.0051EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/23 12:0 a.m.26 views

ReviewX < 1.6.14 - Subscriber+ Privilege Escalation

The plugin does not validate parameters passed to the rxsetscreenoptions function, allowing any authenticated users, such as subscriber to set themselves as administrators...

8.8CVSS6.7AI score0.1748EPSS
Exploits4References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/23 12:0 a.m.17 views

Go Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Incorrect Authorization leading to Arbitrary File Upload

The plugin lacks proper authorization on the file upload feature, making it possible for authenticated users, who belong to specific roles defined by the administrator, to upload arbitrary files...

7.5CVSS7AI score0.00794EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/23 12:0 a.m.12 views

Go Pricing - WordPress Responsive Pricing Tables <= 3.3.19 - Broken Access Control

The plugin does not have proper authorization in some actions, which could allow users with a role as low as a subscriber to call them and perform unauthorized actions...

8.8CVSS6.6AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/23 12:0 a.m.26 views

Go Pricing - WordPress Responsive Pricing Tables < 3.4 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

6.4CVSS5.8AI score0.00365EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/23 12:0 a.m.13 views

Go Pricing - WordPress Responsive Pricing Tables < 3.4 - Contributor+ PHP Object Injection via shortcode

The plugin does not sanitize the data parameter of its gopricing shortcode before unserializing it, which could allow users with a role as low as a contributor to perform PHP Object Injection attacks if a suitable gadget chain is found on the site...

8.8CVSS7.2AI score0.00884EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/23 12:0 a.m.23 views

Ultimate Dashboard < 3.7.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Go to "Ultimate Dashboard - Settings -...

4.8CVSS4.9AI score0.0047EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/23 12:0 a.m.12 views

WordPress File Upload < 4.19.2 - Admin+ Path Traversal

The plugin does not properly prevent attackers from modifying the target path to which the plugin will move files, via the wfunewpath parameter. This could allow administrators to move files outside of the site's root, which may be a problem in multisite configurations...

4.9CVSS6.6AI score0.01736EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/23 12:0 a.m.16 views

WordPress File Upload and WordPress File Upload Pro < 4.19.2 - Admin+ Stored Cross-Site Scripting

The plugin does not properly escape and sanitize user input coming from users with the administrator role in the plugin's settings, which is a problem in multisite configurations...

5.5CVSS6.7AI score0.00376EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.30 views

MStore API < 3.9.2 - Authentication Bypass

The plugin does not properly verify the user provided when syncing their cart via its REST API, allowing unauthenticated users to login as an arbitrary user by providing their ID...

9.8CVSS7AI score0.03805EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.21 views

WooCommerce Warranty Requests < 2.1.7 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open the URL below v = 2.1.6...

5.6AI score0.00379EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.8 views

Leyka < 3.30.3 - Subscriber+ Privilege Escalation

The plugin does not validate password to be updated, allowing any authenticated user, such as subscriber to set the password of another user...

6.9AI score0.00521EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.11 views

Icegram Engage < 3.1.12 - Reflected XSS

The plugin does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the code below...

6.1CVSS5.7AI score0.00486EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.15 views

MailChimp Subscribe Forms < 4.0.9.2 - Admin+ Stored XSS

The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup...

5.9CVSS6.6AI score0.00369EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.18 views

WooCommerce Follow-Up Emails < 4.9.50 - Unauthenticated Reflected XSS

The plugin does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...

7.1CVSS6.1AI score0.00382EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.16 views

WP-Piwik < 1.0.28 - Admin+ Stored XSS

The plugin does not sanitize and escape the plugin display name field in the plugin settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00396EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.21 views

Integration for Contact Form 7 and Zoho CRM, Bigin < 1.2.4 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin PoC 1. Send a GET request with...

4.8CVSS9.6AI score0.0044EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.20 views

Contact Form Entries < 1.3.1 - Contributor+ Stored XSS

The plugin does not sanitize and escape the vx-entries shortcode attributes before using them, which could allow a logged in user with roles as low as contributor to inject arbitrary web scripts into posts or pages...

6.5CVSS6.7AI score0.00397EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.16 views

Leyka < 3.30.2 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6AI score0.00379EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.15 views

Multiple Plugins from Wow-Company - Reflected XSS

The plugins do not escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the code below The XSS will be triggered when pressing...

6.1CVSS8.2AI score0.00458EPSS
Exploits2Affected Software12
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.19 views

Responsive Tabs For WPBakery Page Builder <= 1.1 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC Note: The plugin requires WPBakery Page...

5.4CVSS5.8AI score0.00444EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.17 views

BEAR < 1.1.3.2 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.003EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.28 views

Duplicator Pro < 4.5.11.1 - Unauthenticated Reflected XSS

The plugin does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...

7.1CVSS6.1AI score0.00382EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.16 views

Easy Forms for Mailchimp < 6.8.9 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page when the debug option is enabled, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC When the debug settings is enabled ie...

6.1CVSS5.6AI score0.01092EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.13 views

Mediamatic – Media Library Folders <= 2.8.1 - Cross-Site Request Forgery

The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks. The original researcher didn't provide enough information on which actions could be performed...

8.8CVSS6.6AI score0.00271EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.12 views

qubotchat < 1.1.6 - Unauthenticated Stored XSS

The plugin doesn't filter user input on chat, leading to bad code inserted on it be reflected on the user dashboard. PoC 1. Enter " as the malicious payload into the chatbot input. 2. See XSS vulnerability...

6.1CVSS6AI score0.00499EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.27 views

Rank Math SEO PRO < 3.0.36 - Unauthenticated Reflected XSS

The plugin does not sanitize and escape a parameter before outputting it back in the page, allowing an unauthenticated attacker to inject web scripts that will execute when a visitor follows a crafted link to the page...

7.1CVSS7.1AI score0.00382EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.17 views

WooCommerce Follow-Up Emails < 4.9.50 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.00248EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.15 views

AI ChatBot < 4.5.5 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape its settings, allowing high-privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. PoC 1. Go to plugin settings under "WPBot Lite Simple Text Responses" 2. Enter the payload Test Query"...

4.8CVSS5.6AI score0.0047EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.21 views

EventPrime < 3.0.0 - Unauthenticated Reflected XSS

The plugin does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...

7.1CVSS6.1AI score0.00382EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.20 views

WIP Custom Login < 1.3.0 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.00256EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.801 views

Revolution Slider <= 6.6.12 - Author+ Remote Code Execution

The plugin does not check for valid image files upon import, leading to an arbitrary file upload which may be escalated to Remote Code Execution in some server configurations. By default, the import functionality is only available to Admin users. However, the plugin may be configured to allow...

8.8CVSS9.5AI score0.0254EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.12 views

Qubotchat < 1.1.6 – Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Add a "button" to the chatbot 2. In the...

4.8CVSS5.7AI score0.00442EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.11 views

Novelist < 1.2.1 - Admin+ Stored XSS

The plugin does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfilteredhtml capability is disallowed for example in a multisite setup...

5.9CVSS6.6AI score0.00369EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities14603