Lucene search
K
WpvulndbRecent

14603 matches found

WPVulnDB
WPVulnDB
•added 2023/05/21 12:0 a.m.•14 views

Smart App Banner < 1.1.2 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.00264EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/19 12:0 a.m.•15 views

Groundhogg <= 2.7.9.8 - Privilege Escalation via CSRF

The plugin lacks CSRF protection when generating the auto login link through a shortcode, enabling attackers to manipulate the assigned user in the link...

8CVSS6.8AI score0.00399EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/19 12:0 a.m.•15 views

Groundhogg < 2.7.9.8 - Disable All Plugins via CSRF

The plugin does not have CSRF check when enabling Safe-mode on the plugin, which could allow attackers to make logged-in admins perform such action via a CSRF attack leading to disabling all other plugins...

5.4CVSS6.7AI score0.00303EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/19 12:0 a.m.•11 views

Groundhogg < 2.7.8.9 - Ticket Creation via CSRF

The plugin does not have CSRF check when creating a support ticket to the plugin author, which could allow attackers to make logged-in admins perform such action via a CSRF attack...

4.3CVSS6.7AI score0.00561EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/19 12:0 a.m.•11 views

WooDiscuz – WooCommerce Comments < 2.3.0 - Admin+ Stored XSS

The plugin is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary we...

5.9CVSS6AI score0.00369EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/19 12:0 a.m.•19 views

Groundhogg <= 2.7.9.8 - Lack of Authorization for Non-Arbitrary File upload

The plugin fails to validate the destination contact for the file upload, allowing any Subscriber+ user to upload files to arbitrary contacts...

5.4CVSS7.1AI score0.00467EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/19 12:0 a.m.•12 views

Groundhogg < 2.7.9.8 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00494EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/18 12:0 a.m.•19 views

BP Social Connect < 1.6.2 - Authentication Bypass

The plugin does not properly verify the user through its Facebook login, which could allow attackers to login as any user knowing their email address...

9.8CVSS6.7AI score0.01623EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/18 12:0 a.m.•21 views

UpdraftPlus < 1.23.4 - CSRF

The plugin does not have CSRF check in the actionauthenticatestorage, which could allow attackers to make logged in admins inject JavaScript into a parameter in the authentication process via a CSRF attack when they can trick an admin to perform multiple actions including re-authenticating a...

7.1CVSS6.9AI score0.00208EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/18 12:0 a.m.•21 views

Jazz Popups <= 1.8.7 - Unauthenticated Reflected Cross-Site Scripting

The plugin does not properly sanitize user input, leading to a potential Reflected Cross-Site Scripting XSS vulnerability...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/18 12:0 a.m.•19 views

WeSecur Security <= 1.2.1 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitize and escape user input, leading to a stored XSS vulnerability...

5.9CVSS6.1AI score0.00366EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/18 12:0 a.m.•21 views

Scripts n Styles < 3.5.8 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS10AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/18 12:0 a.m.•19 views

Better Notifications for WP < 1.9.3 - Cross-Site Request Forgery (CSRF)

The plugin does not protect its handleactions function against CSRF attacks, allowing an unauthenticated attacker to enable or disable notifications by tricking a logged in administrator to submit a crafted request...

8.8CVSS6.9AI score0.00256EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/18 12:0 a.m.•12 views

Performance Lab < 2.3.0 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.00256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/18 12:0 a.m.•23 views

Baidu Tongji generator <= 1.0.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/17 12:0 a.m.•24 views

MStore API < 3.9.1 - Authentication Bypass

The plugin does not properly verify the user provided when redemption coupons via its REST API, allowing unauthenticated users to login as an arbitrary user by providing their ID...

9.8CVSS7AI score0.01256EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/17 12:0 a.m.•12 views

Waiting: One-click countdowns <= 0.6.2 - Subscriber+ Stored XSS

The plugin does not sanitise and escape some parameters, and is missing proper authorisation, which could allow any authenticated users, such as subscriber to perform Cross-Site Scripting attacks...

7.4CVSS6AI score0.00454EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/17 12:0 a.m.•324 views

WP < 6.2.1 - Thumbnail Image Update via CSRF

Description WordPress does not have CSRF check when updating the thumbnail image associated with existing attachments, which could allow attackers to make logged in admins update them via a CSRF attack...

7AI score
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/05/17 12:0 a.m.•715 views

WP < 6.2.2 - Shortcode Execution in User Generated Data

Description WordPress allows shortcode to be executed in user generated data via block themes, which could allow unauthenticated users to execute shortcode via comments for instance...

7.4AI score
Exploits0References2
WPVulnDB
WPVulnDB
•added 2023/05/17 12:0 a.m.•18 views

WP Activity Log < 4.5.2 - Subscriber+ Information Leak

The plugin does not properly implement a capability check on the handleajaxcall function, leading to an authorization bypass that allows authenticated users to obtain a list of users' information, including ids, usernames, and emails...

4.3CVSS6.6AI score0.00552EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/17 12:0 a.m.•2126 views

WP < 6.2.1 - Directory Traversal via Translation Files

Description WordPress is affected by a directory traversal via the wplang parameter, which could allow attacker to load arbitrary translation files...

6.1CVSS5.6AI score0.79527EPSS
Exploits7References1
WPVulnDB
WPVulnDB
•added 2023/05/17 12:0 a.m.•347 views

WP < 6.2.1 - Contributor+ Content Injection

Description WordPress does not properly sanitise block attributes, which could allow users with a role of Contributor and above to perform content injection in comments on blog using a theme compatible with a block editor...

7.3AI score
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/05/17 12:0 a.m.•222 views

WP < 6.2.1 - Contributor+ Stored XSS via Open Embed Auto Discovery

Description WordPress does not validate the protocol when processing oEmbed discovery, which could allow users with the Contributor role and above to perform Stored Cross-Site Scripting attacks...

6.2AI score
Exploits0References1
WPVulnDB
WPVulnDB
•added 2023/05/16 12:0 a.m.•15 views

File Away <= 3.9.9.0.1 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. PoC fileup class='" onmouseover="alert1"'...

5.4CVSS8.4AI score0.0037EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/16 12:0 a.m.•15 views

Contact Form Email < 1.3.38 - Unauthenticated Stored Cross-Site Scripting

The plugin does not escape submitted values before displaying them in the HTML, leading to a Stored XSS vulnerability. PoC 1. Publish the default form to a page by clicking on "Contact Form to Email" in the sidebar, and the "Publish" button beside the form name. 2. Visit the form on the frontend...

5.4CVSS5.6AI score0.00505EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/16 12:0 a.m.•12 views

Multiple Page Generator < 3.3.18 - SQLi via CSRF

The plugin does not have CSRF check in the projectslist function, and does not escape the orderly & order parameters before using them in a SQL statement, which could allow attackers to make logged in administrators perform SQL Injection and lead to DoS via a CSRF attack...

4.3CVSS7.7AI score0.00364EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/16 12:0 a.m.•11 views

Photo Gallery by Ays < 5.1.7 - Reflected XSS

The plugin does not escape some parameters before outputting it back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open one of the URLs below v 5.1.7 -...

6.1CVSS8.1AI score0.00458EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/16 12:0 a.m.•16 views

Zotpress < 7.3.4 - Unauthenticated Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

7.1CVSS10AI score0.0103EPSS
Exploits1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/16 12:0 a.m.•31 views

PixelYourSite < 9.6.2 - Admin+ Stored Cross-Site Scripting

The plugin does not properly sanitize input and escape output in admin settings, leading to Stored Cross-Site Scripting vulnerabilities. This issue affects multi-site installations and installations with disabled unfilteredhtml...

4.8CVSS5.9AI score0.00516EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/16 12:0 a.m.•13 views

Multiple Page Generator < 3.3.18 - Admin+ SQLi

The plugin does not escape the orderby and order parameters before using them in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.2CVSS7.9AI score0.00841EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/16 12:0 a.m.•14 views

Contact Form by Supsystic < 1.7.25 - CSRF

The plugin does not have CSRF checks in their AJAX actions, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.7AI score0.0032EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/16 12:0 a.m.•21 views

OTP Login Woocommerce & Gravity Forms < 2.3 - Unauthenticated Privilege Escalation

The plugin returns generated OTP codes for users to use when using the logging in via phone number feature, allowing unauthenticated users to retrieve them for arbitrary accounts and be able to login as any user, including administrator granted they know the related phone number...

8.1CVSS7AI score0.0172EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•17 views

Quiz Maker < 6.4.2.7 - Reflected XSS

The plugin does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open the URL below other URL are also affected...

6.1CVSS8.1AI score0.02138EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•28 views

WooCommerce Ship to Multiple Addresses < 3.8.4 - Subscriber+ Shipping Address Disclosure via IDOR

The plugin does not ensure that the order to display the shipping address from belong to the user making the request, allowing any authenticated users, such as subscriber to view other shipping addresses via an IDOR PoC https://example.com/checkout/shipping-addresses/?orderid=106...

6.3AI score0.00545EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•34 views

Snow Monkey Forms < 5.0.7 - Unauthenticated Path Traversal

The plugin does not validate file path, allowing unauthenticated users to upload files to arbitrary folders...

9.8CVSS7.2AI score0.02021EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•19 views

Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.61 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the admin dashboard when the WPML plugin is also active and configured, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a pag...

6.1CVSS5.7AI score0.00486EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•20 views

WooCommerce Composite Products < 8.7.6 - Reflected XSS

The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC On a page where a Component Product is displayed, append...

5.7AI score0.00396EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•8 views

WooCommerce Brands < 1.6.46 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC Add a Brand with an image, and assign it...

5.5AI score0.00374EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•12 views

Video Gallery < 1.0.11 - Reflected XSS

The plugin does not sanitise and escape the searchterm parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.00569EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•15 views

video carousel slider with lightbox < 1.0.23 - Reflected XSS

The plugin does not sanitise and escape the searchterm parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.00612EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•12 views

ConvertKit < 2.2.1 - Reflected XSS

The plugin does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page with the code below...

6.1CVSS8.5AI score0.00458EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•16 views

Stop Spammers Security < 2023 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the payload below in any of the "Challenge...

4.8CVSS8.2AI score0.00442EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•16 views

MW WP Form < 4.4.3 - Unauthenticated Path Traversal

The plugin does not validate file path, allowing unauthenticated users to upload files to arbitrary location...

9.8CVSS7.2AI score0.01776EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/15 12:0 a.m.•17 views

Stop Spammers Security < 2023 - Reflected XSS

The plugin does not sanitise and escape various parameters before outputting them back in admin dashboard pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin PoC Make a logged in admin open a page containing the code below...

6.1CVSS5.7AI score0.00522EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/12 12:0 a.m.•10 views

WP Register Profile With Shortcode <= 3.5.7 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS10AI score0.00369EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/12 12:0 a.m.•17 views

Active Directory Integration < 4.1.5 - SQL Injection via CSRF

The plugin does not properly verify nonces and sufficiently escape user-supplied parameters, leading to Cross-Site Request Forgery and time-based SQL Injection vulnerabilities via the orderby and order parameters...

7.2CVSS8AI score0.00847EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/12 12:0 a.m.•18 views

Get Your Number <= 1.1.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. In the plugin's settings, enter the payload...

4.8CVSS8.2AI score0.00539EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/12 12:0 a.m.•15 views

DBargain <= 3.0.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00366EPSS
Exploits0Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/12 12:0 a.m.•13 views

WP Multi Store Locator <= 2.5 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC storelocatorshow location="'; alert1;...

5.4CVSS8.3AI score0.00444EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
•added 2023/05/12 12:0 a.m.•23 views

Download Manager < 3.2.71 - Contributor+ Stored Cross-Site Scripting

The plugin does not properly sanitize and escape user-supplied attributes in 'wpdmmembers', 'wpdmloginform', and 'wpdmregform' shortcodes, leading to Stored Cross-Site Scripting vulnerabilities...

6.4CVSS5.9AI score0.00646EPSS
Exploits2References1Affected Software1
Total number of security vulnerabilities14603